I'm trying to get some Cisco Meraki MX firewalls logs pointed to our Kubernetes cluster using fluentd pods. I'm using the @syslog source plugin, and able to get the logs generated, but I keep getting this error 2022-06-30 16:30:39 -0700 [error]: #0 invalid input data="<134>1 1656631840.701989724 838071_MT_DFRT urls src=10.202.11.05:39802 dst=138.128.172.11:443 mac=90:YE:F6:23:EB:T0 request: UNKNOWN https://f3wlpabvmdfgjhufgm1xfd6l2rdxr.b3-4-eu-w01.u5ftrg.com/..." error_class=Fluent::TimeParser::TimeParseError error="invalid time format: value = 1 1656631840.701989724 838071_ME_98766, error_class = ArgumentError, error = string doesn't match" Everything seems to be fine, but it seems as though the Meraki is sending it's logs in Epoch time, and the fluentd @syslog plugin is not liking it. I have a vanilla config: <source>
@type syslog
port 5140
tag meraki
</source> Is there a way to possibly transform the time strings to something fluentd will like? Or what am I missing here.
... View more