Syslog output's 'severity' configuration cannot validate fields, only static values

Description

When using the syslog output, it's not possible to specify the 'severity' using a field - only static strings (contained in the plugin's SEVERITY_LABELS array) may be passed.

It would be very useful to be able to do this:

But this fails with the error:

Activity

Show:
Gösta Jonasson
November 21, 2013, 9:00 AM

The plugin is more or less useless if the severity can't be set by a variable.

My suggested fix is:
logstash / lib / logstash / outputs / syslog.rb

Change
config :severity, :validate => SEVERITY_LABELS, :required => true
to
config :severity, :validate => :string, :required => true

and
severity_code = SEVERITY_LABELS.index(@severity)
to
severity = event.sprintf(@severity)
severity_code = SEVERITY_LABELS.index(severity)

This might give an index exception if severity isn't a member of SEVERITY_LABELS but that can give an error message (I don't know how to do that in Ruby).

Assignee

Logstash Developers

Reporter

Paul Tiplady

Labels

Affects versions

Configure