stanza/docs/operators at 3b23e5c9bf891484129749f53f61b72d11577bf5 · observIQ/stanza

Name	Name	Last commit message	Last commit date
parent directory ..
README.md	README.md
add.md	add.md
aws_cloudwatch_input.md	aws_cloudwatch_input.md
azure_event_hub_input.md	azure_event_hub_input.md
azure_log_analytics_input.md	azure_log_analytics_input.md
copy.md	copy.md
csv_parser.md	csv_parser.md
drop_output.md	drop_output.md
elastic_output.md	elastic_output.md
file_input.md	file_input.md
file_output.md	file_output.md
filter.md	filter.md
flatten.md	flatten.md
forward_input.md	forward_input.md
forward_output.md	forward_output.md
generate_input.md	generate_input.md
goflow_input.md	goflow_input.md
google_cloud_output.md	google_cloud_output.md
host_metadata.md	host_metadata.md
http_input.md	http_input.md
journald_input.md	journald_input.md
json_parser.md	json_parser.md
k8s_event_input.md	k8s_event_input.md
k8s_metadata_decorator.md	k8s_metadata_decorator.md
key_value_parser.md	key_value_parser.md
metadata.md	metadata.md
move.md	move.md
newrelic_output.md	newrelic_output.md
rate_limit.md	rate_limit.md
recombine.md	recombine.md
regex_parser.md	regex_parser.md
remove.md	remove.md
restructure.md	restructure.md
retain.md	retain.md
router.md	router.md
severity_parser.md	severity_parser.md
stanza_input.md	stanza_input.md
stdin.md	stdin.md
stdout.md	stdout.md
syslog_parser.md	syslog_parser.md
tcp_input.md	tcp_input.md
time_parser.md	time_parser.md
udp_input.md	udp_input.md
uri_parser.md	uri_parser.md
windows_eventlog_input.md	windows_eventlog_input.md
xml_parser.md	xml_parser.md

Name

Last commit message

Last commit date

README.md

add.md

aws_cloudwatch_input.md

azure_event_hub_input.md

azure_log_analytics_input.md

google_cloud_output.md

k8s_metadata_decorator.md

windows_eventlog_input.md

xml_parser.md

What is an operator?

An operator is the most basic unit of log processing. Each operator fulfills a single responsibility, such as reading lines from a file, or parsing JSON from a field. Operators are then chained together in a pipeline to achieve a desired result.

For instance, a user may read lines from a file using the file_input operator. From there, the results of this operation may be sent to a regex_parser operator that creates fields based on a regex pattern. And then finally, these results may be sent to a elastic_output operator that writes each line to Elasticsearch.

What operators are available?

Inputs:

Parsers:

Outputs:

General purpose:

Or create your own plugins for a technology-specific use case.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

What is an operator?

What operators are available?

FilesExpand file tree

operators

Directory actions

More options

Directory actions

More options

Latest commit

History

operators

Folders and files

parent directory

README.md

What is an operator?

What operators are available?