Hello, I need to filter logs to only include lines with the word ‘INFO’. Using ‘drop’ only removes the line, and ‘!=’ doesn’t seem to work.
My config:
oki.source.docker "first" {
host = "unix:///var/run/docker.sock"
targets = discovery.docker.linux.targets
labels = {
visible_name = "test",
}
relabel_rules = discovery.relabel.docker_container_name.rules
forward_to = [loki.relabel.first.receiver]
}
loki.relabel "first" {
rule {
source_labels = ["container_name"]
regex = "test_container"
action = "keep"
}
forward_to = [loki.process.only_info.receiver]
}
loki.process "only_info" {
stage.drop {
expression = ".*INFO.*"
}
forward_to = [loki.write.secondary.receiver]
}
loki.write "secondary" {
endpoint {
url = "https://"
}
}