Flex connector for multiple log formats
I am developing a JSON flex connector. My flex connector works fine only for one type of log type. When the end device generates a different log, then my regex fails. Hence I have individual regex for each log type generated by the device.
I want to know how can I club all my different regex, so the I am able to parse any type of event that is generated by the end device.
Re: Flex connector for multiple log formats
This is where you have to use the submessage method.
Typically your log record will have some common fields, usually a timestamp and host-IP, these can be processed for all record type.
You will then have a section - as small as possible if you can - which identifies the submessage. followed by the remainder of the record.
The identifier section will determine which of the submessage sections will process the "remainder of the record".
It is also possible to have a "default" submessage which will process all records which have not been identified as one of the other submessages.
It is quite well explained in the flex connectors development guide. If you need more help post a couple of your example records, or message me directly.