I am using fluentd 0.12.
I have got the logs below:
{"log":"2020-09-18 19:44:41 | INFO  | timeleft| 5a |  364 - core - 1.0.0.SNAPSHOT | TrafficTo:blue-connectorprocess from: blue-connectorprocess"}
{"log":"2020-09-18 19:44:41 | INFO  | timeleft| 6a |  351 - core - 1.0.0.SNAPSHOT | TrafficTo:httpRetrievedata from: retrieveSlaById"}
{"log":"2020-09-18 19:44:41 | INFO  | timeleft| 7a |  381 - core - 1.0.0.SNAPSHOT | TrafficTo:PromptConnector from: blue-connectorprocess"}
Now, using regex, I have divided the log into several fields: TIME | LOG_LEVEL | message | VERSION | TRAFFIC_TO | FROM
Now, I have a requirement that whenever fluentd encounters the value "blue-connectorprocess" for the field TRAFFIC_TO, it should add a new field NEW_TRAFFIC, and the value of that field should be webconnector.
Similarly, if the value "httpRetrievedata" is encountered in TRAFFIC_TO, then the NEW_TRAFFIC field should have the value uiconnector, and if I encounter the value "PromptConnector", then the value of NEW_TRAFFIC should be checkconnector.
I tried the code below for one of the TRAFFIC_TO values, but it didn't work.
<filter sla.**>
  @type record_transformer
  <record>
    NEW_TRAFFIC ${if record["TRAFFIC_TO"] == "PromptConnector" then record["NEW_TRAFFIC"] = "checkconnector"; end;}
  </record>
</filter>
Can anyone please help?
 
                        
You should use enable_ruby in your filter block for it to work. By that I mean your code looks like this:
It worked for me.
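An added example, not code from the original posts: a record_transformer filter that covers all three TRAFFIC_TO values from the question. The `${...}` placeholder is evaluated as a Ruby expression only when `enable_ruby` is true. The empty-string fallback for unmatched values is an assumption, since the question does not say what should happen in that case.

```conf
# Added example: map TRAFFIC_TO to NEW_TRAFFIC with one Ruby expression.
# Assumes the earlier regex parsing stores the field as TRAFFIC_TO with
# no surrounding whitespace, so the string comparisons match exactly.
<filter sla.**>
  @type record_transformer
  # Without this, ${...} is treated as a plain placeholder, not Ruby code.
  enable_ruby true
  <record>
    # Chained ternary; the final "" (assumed fallback) is used when
    # TRAFFIC_TO is none of the three known values.
    NEW_TRAFFIC ${record["TRAFFIC_TO"] == "blue-connectorprocess" ? "webconnector" : record["TRAFFIC_TO"] == "httpRetrievedata" ? "uiconnector" : record["TRAFFIC_TO"] == "PromptConnector" ? "checkconnector" : ""}
  </record>
</filter>
```

The expression returns the new value instead of assigning to `record["NEW_TRAFFIC"]` inside the placeholder, because record_transformer sets the field from whatever the expression evaluates to.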