guyromb · February 15, 2020 10:12
diff --git a/traefik_deployment.yaml b/traefik_deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 spec:
  template:
    metadata:
      annotations:
        co.elastic.logs/enabled: "true"
        co.elastic.logs/processors.0.decode_json_fields.fields: message
        co.elastic.logs/processors.0.decode_json_fields.target: ""
        co.elastic.logs/processors.1.dissect.field: request_Authorization
        co.elastic.logs/processors.1.dissect.target_prefix: dissectJwt
        co.elastic.logs/processors.1.dissect.tokenizer: Bearer %{header}.%{payload}.%{signature}
        co.elastic.logs/processors.2.add_fields.fields.decodedPayload: ""
        co.elastic.logs/processors.2.add_fields.target: dissectJwt
        co.elastic.logs/processors.3.script.id: base64decode
        co.elastic.logs/processors.3.script.lang: javascript
        co.elastic.logs/processors.3.script.source: function process(event) { event.Put('dissectJwt.payload',
          event.Get('dissectJwt.payload') + Array((4 - event.Get('dissectJwt.payload').length
          % 4) % 4 + 1).join('=')) }
        co.elastic.logs/processors.4.decode_base64_field.field.from: dissectJwt.payload
        co.elastic.logs/processors.4.decode_base64_field.field.to: dissectJwt.decodedPayload
        co.elastic.logs/processors.5.decode_json_fields.fields: dissectJwt.decodedPayload
        co.elastic.logs/processors.5.decode_json_fields.target: jwtPayloadJson
        co.elastic.logs/processors.6.drop_fields.fields.0: dissectJwt
        co.elastic.logs/processors.7.script.id: cleanmessage
        co.elastic.logs/processors.7.script.lang: javascript
        co.elastic.logs/processors.7.script.source: function process(event) { event.Put('message','Traefik
          ' + event.Get('RequestLine')) }
	apiVersion: apps/v1
	kind: Deployment
	spec:
	template:
	metadata:
	annotations:
	co.elastic.logs/enabled: "true"
	co.elastic.logs/processors.0.decode_json_fields.fields: message
	co.elastic.logs/processors.0.decode_json_fields.target: ""
	co.elastic.logs/processors.1.dissect.field: request_Authorization
	co.elastic.logs/processors.1.dissect.target_prefix: dissectJwt
	co.elastic.logs/processors.1.dissect.tokenizer: Bearer %{header}.%{payload}.%{signature}
	co.elastic.logs/processors.2.add_fields.fields.decodedPayload: ""
	co.elastic.logs/processors.2.add_fields.target: dissectJwt
	co.elastic.logs/processors.3.script.id: base64decode
	co.elastic.logs/processors.3.script.lang: javascript
	co.elastic.logs/processors.3.script.source: function process(event) { event.Put('dissectJwt.payload',
	event.Get('dissectJwt.payload') + Array((4 - event.Get('dissectJwt.payload').length
	% 4) % 4 + 1).join('=')) }
	co.elastic.logs/processors.4.decode_base64_field.field.from: dissectJwt.payload
	co.elastic.logs/processors.4.decode_base64_field.field.to: dissectJwt.decodedPayload
	co.elastic.logs/processors.5.decode_json_fields.fields: dissectJwt.decodedPayload
	co.elastic.logs/processors.5.decode_json_fields.target: jwtPayloadJson
	co.elastic.logs/processors.6.drop_fields.fields.0: dissectJwt
	co.elastic.logs/processors.7.script.id: cleanmessage
	co.elastic.logs/processors.7.script.lang: javascript
	co.elastic.logs/processors.7.script.source: function process(event) { event.Put('message','Traefik
	' + event.Get('RequestLine')) }