use multiline parser

[TaLoN1x]

I am trying to use multiline parser within this plugin and It seems that doesnt work

Ive tested it also with Java stack trace example from documentation...

My configuration:

<source>
  @type tcp
  tag "sometag.#{Socket.gethostname}"
  port 1234
  <parse>
    @type multi_format
    <pattern>
      format regexp
      expression /\<(?<pri>[0-9]+)\>(?<time>[^ ]* {1,2}[^ ]* [^ ]*) (?<host>[^ ]*) (?<message>.*)$/
      time_format %b %d %H:%M:%S
    </pattern>
    <pattern>
      format regexp
      expression /\<(?<pri>[0-9]{1,3})\>(?<time>[^ ]+) (?<host>[!-~]{1,255}) (?<message>.*)$/
      time_format %Y-%m-%dT%H:%M:%S.%L%z
    </pattern>
    <pattern>
      format regexp
      expression /\<(?<pri>[0-9]{1,3})\>(?<time>[^ ]+) (?<host>[!-~]{1,255}) (?<message>.*)$/
      time_format %Y-%m-%dT%H:%M:%S%z
    </pattern>
    <pattern>
      format multiline
      format_firstline /\d{4}-\d{1,2}-\d{1,2}/
      format1 /^(?<time>\d{4}-\d{1,2}-\d{1,2} \d{1,2}:\d{1,2}:\d{1,2}) \[(?<thread>.*)\] (?<level>[^\s]+)(?<message>.*)/
    </pattern>
  </parse>
</source>

[repeatedly]

See https://github.com/repeatedly/fluent-plugin-multi-format-parser#note If your logs are seperated into multiple records, this plugin doesn't work. You need to use concat plugin before.

[akshayubale1]

If any one got the solution to use the multiline parse can you please share