Support Questions

Hi Ben thanks for your answer. As You said i can use Regex Filtering Interceptor, But i already using Search and Replace Interceptor for one filter can i use both in one agent at same time

It would appear you can "chain" them by putting the interceptors that are desired in a list in the order you want them applied. I have never personally done it, so I can't say for sure. Hope this helps!

 

[1]"Flume supports chaining of interceptors. This is made possible through by specifying the list of interceptor builder class names in the configuration. Interceptors are specified as a whitespace separated list in the source configuration. The order in which the interceptors are specified is the order in which they are invoked. The list of events returned by one interceptor is passed to the next interceptor in the chain."

 

 

[1]https://flume.apache.org/FlumeUserGuide.html#flume-interceptors

Hi Ben

 

          Thanks a lot for replying, As you said i read that but i didn't get this thing

This is made possible through by specifying the list of interceptor builder class names in the configuration

as you said i want to define interceptors names like interceptor 1 and interceptor 2 this what you saying right.

guessing like this: (assuming you want search-replace to be applied first, regex second)

 

....

agent.sources.localsource.interceptors = search-replace regex

agent.sources.localsource.interceptors.search-replace.type = search_replace

agent.sources.localsource.interceptors.regex.type = regex_filter

....

 

 

 

 

hi Ben

I tried like this as you said

agent.sources.localsource.interceptors = search-replace
agent.sources.localsource.interceptors.search-replace.type = search_replace

# Remove leading alphanumeric characters in an event body.
agent.sources.localsource.interceptors.search-replace.searchPattern = ###|##
agent.sources.localsource.interceptors.search-replace.replaceString = |

agent.sources.localsource.interceptors = regex-filter
agent.sources.localsource.interceptors.regex-filter.type = regex_filter

# Remove full event body.
agent.sources.localsource.interceptors.regex-filter.searchPattern = "pagenotfound.php"
agent.sources.localsource.interceptors.regex-filter.excludeEvents = true

But flume not writing events at all if i remove regex_filter interceptor then its writing events so you have any idea how to use it .

Thanks in advance.

Glad to Hear it!