[GTALUG] fluentd index, key, forward to 2 places

[Aren.deJ]

Has anyone has much mileage on fluentd?

I'm trying to separate logs with fluentd, in a container that is receiving
logs from many places.
This fluentd container has several fluentd plugins installed, but I'm
looking for the simplest way to gets logs indexed or keyed or grep'd
differently as either of 2 things (application or system related logs) and
have them send to the same outside ELK but with unique identifiers so that
the app vs sys logs are easily differentiated.

Any ideas? Or am I to continue trying to discern the fluentd docs? (The
docs are actually good, but use-cases aren't all that great as examples)

- Aren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20180402/f6c174fc/attachment.html>