CSV (File) integration (#180)

* add csv upload file integration

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

* add csv upload file integration

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

* add csv upload file integration

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

* add csv upload file data-prepper section

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

* update two workflows:
 - quickstart
 - connect to an existing collector

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

* add savedObjectId to the gallery dashboard images links

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

* move getting-started into its own folder to become an independed ndjson resource
- getting started
   - getting_started.json - metadata
   - Getting-Started.md - markdown
   - data - sample data

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

* move getting-started into its own folder to become an independed ndjson resource
- getting started
   - getting_started.json - metadata
   - Getting-Started.md - markdown
   - data - sample data

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

---------

Signed-off-by: YANGDB <yang.db.dev@gmail.com>

integrations/observability/csv_file/README.md

@@ -0,0 +1,38 @@
+# CSV Upload Integration
+
+>  CSV File based Upload Integration 
+
+## What is CSV Upload ?
+
+CSV upload is an example of parsing and loading a CSV file into opensearch index using an agent
+
+## What is CSV Integration ?
+
+An integration is a bundle of pre-canned assets which are bundled togather in a meaningful manner.
+
+**_CSV Upload_** integration includes docker live example including getting started instruction of using data-prepper or fluent-bit for
+uploading the csv file into a dedicated index using a parser to transform the csv into json
+
+## Ingesting CVS Using Data-Prepper
+ ...
+
+## Ingesting CVS Using Flunet-Bit
+
+...
+
+---
+## Loading Integrations via DashboardManagement
+
+To update an integration template navigate to the DashboardManagement and select [savedObjects](https://localhost:5601/_dashboards/app/management/opensearch-dashboards/objects) and import the new artifact:
+
+1) Download the `nginx-1.0.0.ndjson` artifact from the [catalog release page](https://github.com/opensearch-project/opensearch-catalog/releases/edit/nginx-1.0.0)
+
+2) Go to the [DashboardManagement -> savedObjects ](https://localhost:5601/_dashboards/app/management/opensearch-dashboards/objects)
+
+![](https://github.com/opensearch-project/opensearch-catalog/assets/48943349/d96e9a78-e3de-4cce-ba66-23f7c084778d)
+
+![](https://github.com/opensearch-project/opensearch-catalog/assets/48943349/a63ae102-706a-4980-b758-fff7f6b24a94)
+
+3) Once there select import to load the recently downloaded integration artifact (`nginx-1.0.0.ndjson` suffix)
+
+4) Open the [nginx integration](https://localhost:5601/app/integrations#/available/nginx) and install

integrations/observability/csv_file/assets/fluent-bit-csv-upload-1.0.0.ndjson

@@ -0,0 +1,4 @@
+{"attributes":{"description":"upload a csv file example using fluent-bit agent","kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"},"title":"fluent-bit-csv-upload","uiStateJSON":"{}","version":1,"visState":"{\"title\":\"fluent-bit-csv-upload\",\"type\":\"markdown\",\"aggs\":[],\"params\":{\"fontSize\":12,\"openLinksInNewTab\":false,\"markdown\":\"# Uploading a CSV File into an OpenSearch Index Using Fluent Bit\\n\\nThis tutorial will guide you through the process of setting up Fluent Bit to monitor a directory for CSV files and upload their contents into an OpenSearch index.\\n\\n## Prerequisites\\n\\n- An OpenSearch instance running and accessible.\\n- Fluent Bit installed on your system.\\n- A directory containing your CSV files.\\n\\n## Step 1: Install Fluent Bit\\n\\n### On Linux:\\n\\n```bash\\ncurl -L https://fluentbit.io/releases/1.8/fluent-bit-1.8.11-linux-x86_64.tar.gz -o fluent-bit.tar.gz\\ntar -xvf fluent-bit.tar.gz\\ncd fluent-bit/bin\\n```\\n\\n### On macOS:\\n\\n```bash\\nbrew install fluent-bit\\n```\\n\\n### On Windows:\\n\\nDownload and extract Fluent Bit from [Fluent Bit releases](https://fluentbit.io/download/).\\n\\n## Step 2: Create Fluent Bit Configuration Files\\n\\n#### Create `fluent-bit.conf`\\n\\nThis is the main configuration file for Fluent Bit. It defines the input source, parser, and output destination.\\n\\n```ini\\n[SERVICE]\\n    Flush        1\\n    Log_Level    info\\n    Parsers_File parsers.conf\\n\\n[INPUT]\\n    Name         tail\\n    Path         /path/to/your/csv/files/*.csv\\n    Parser       csv\\n    Tag          csv\\n    Refresh_Interval 5\\n    Rotate_Wait 30\\n\\n[OUTPUT]\\n    Name         opensearch\\n    Match        *\\n    Host         your-opensearch-host\\n    Port         9200\\n    Index        csv-index\\n    HTTP_User    your-username\\n    HTTP_Passwd  your-password\\n    tls          off\\n    Suppress_Type_Name On\\n    tls.verify   off\\n```\\n\\n### Create `parsers.conf`\\n\\nThis file defines the CSV parser.\\n\\n```ini\\n[PARSER]\\n    Name        csv\\n    Format      regex\\n    Regex       ^(?<timestamp>[^,]+),(?<log_level>[^,]+),(?<message>[^,]+),(?<application>[^,]+),(?<host>[^,]+)$\\n    Time_Key    timestamp\\n    Time_Format %Y-%m-%d %H:%M:%S\\n```\\n\\n### Direct the CSV folder location\\n\\nEnsure this file is in the directory you specified in the `Path` of the `fluent-bit.conf` file.\\n\\n\\n## Step 3: Run Fluent Bit\\n\\nNavigate to the directory containing the Fluent Bit executable and the configuration files. Then, start Fluent Bit with the configuration files.\\n\\n```bash\\n/path/to/fluent-bit/bin/fluent-bit -c /path/to/fluent-bit.conf\\n```\\n\\n## Step 4: Verify Data in OpenSearch\\n\\nAfter starting Fluent Bit, you can verify the data ingestion by accessing OpenSearch and searching for the `csv-index` index.\\n\\nFor example, you can use OpenSearch Dashboards or the OpenSearch API to query the index:\\n\\n### Using OpenSearch Dashboards:\\n\\n1. Open OpenSearch Dashboards in your browser.\\n2. Navigate to the \\\"Discover\\\" tab.\\n3. Select the `csv-index` index pattern.\\n4. Verify that the log data from your CSV files is being ingested and displayed.\\n\\n### Using the OpenSearch API:\\n\\n```bash\\ncurl -X GET \\\"http://your-opensearch-host:9200/csv-index/_search?pretty\\\"\\n```\\n\\n---\\n## Live Testing with Docker Compose\\nIf you prefer to test this setup using Docker Compose, you can use the following docker-compose.yml file to quickly set up an OpenSearch instance along with Fluent Bit:\\n\\nUnder the `getting-started` section you can examine a live docker-compose sample:\\n```yaml\\n/csv_file/getting-started/fluent-bit\\n|-- docker-complete.yml\\n|-- data/\\n    |-- fluent-bit.conf\\n    |-- parsers.conf\\n    |-- logs.csv\\n\\n```\\nUse the [docker-compose](../getting-started/fluent-bit/docker-complete.yml) you can find a complete:\\n\\n`docker compose -f docker-complete.yml up -d` would instantiate the services and start sending the csv sample logs into an index. \\n\"}}"},"id":"0fad8910-43d9-11ef-a69e-0549ba61487e","migrationVersion":{"visualization":"7.10.0"},"references":[],"type":"visualization","updated_at":"2024-07-17T16:55:31.713Z","version":"WzEsMV0="}
+{"attributes":{"description":"upload a csv file example using fluent-bit agent","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"filter\":[]}"},"optionsJSON":"{\"hidePanelTitles\":false,\"useMargins\":true}","panelsJSON":"[{\"version\":\"2.15.0\",\"gridData\":{\"x\":0,\"y\":0,\"w\":24,\"h\":15,\"i\":\"22a1a11f-7ecf-46c7-a73d-b6cb5eb07b45\"},\"panelIndex\":\"22a1a11f-7ecf-46c7-a73d-b6cb5eb07b45\",\"embeddableConfig\":{},\"panelRefName\":\"panel_0\"}]","timeRestore":false,"title":"csv-file-upload-fluent-bit-dashboard","version":1},"id":"1e4f1c40-43d9-11ef-a69e-0549ba61487e","migrationVersion":{"dashboard":"7.9.3"},"references":[{"id":"0fad8910-43d9-11ef-a69e-0549ba61487e","name":"panel_0","type":"visualization"}],"type":"dashboard","updated_at":"2024-07-17T16:55:31.713Z","version":"WzIsMV0="}
+{"attributes":{"fields":"[{\"count\":0,\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"count\":0,\"name\":\"_id\",\"type\":\"string\",\"esTypes\":[\"_id\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_index\",\"type\":\"string\",\"esTypes\":[\"_index\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_score\",\"type\":\"number\",\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_source\",\"type\":\"_source\",\"esTypes\":[\"_source\"],\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"_type\",\"type\":\"string\",\"scripted\":false,\"searchable\":false,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"application\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"application.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"application\"}}},{\"count\":0,\"name\":\"host\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"host.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"host\"}}},{\"count\":0,\"name\":\"log_level\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"log_level.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"log_level\"}}},{\"count\":0,\"name\":\"message\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"message.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"message\"}}},{\"count\":0,\"name\":\"timestamp\",\"type\":\"string\",\"esTypes\":[\"text\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"count\":0,\"name\":\"timestamp.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"timestamp\"}}}]","timeFieldName":"@timestamp","title":"logs-index"},"id":"csv-getting-started-tutorial-1.0.0","migrationVersion":{"index-pattern":"7.6.0"},"references":[],"type":"index-pattern","updated_at":"2024-07-17T16:59:06.006Z","version":"WzMsMV0="}
+{"exportedCount":3,"missingRefCount":0,"missingReferences":[]}

integrations/observability/csv_file/csv_file-1.0.0.json

@@ -0,0 +1,46 @@
+{
+  "name": "csv",
+  "version": "1.0.0",
+  "displayName": "csv-file",
+  "description": "Upload a CSV file",
+  "license": "Apache-2.0",
+  "type": "logs",
+  "labels": ["Logs", "Unstructured"],
+  "author": "OpenSearch",
+  "sourceUrl": "https://github.com/opensearch-project/opensearch-catalog/tree/main/integrations/observability/csv_file",
+  "workflows": [
+    {
+      "name": "dashboards",
+      "label": "Dashboards & Visualizations",
+      "description": "Dashboards and indices that enable you to easily visualize important metrics.",
+      "enabled_by_default": false
+    }
+  ],
+  "statics": {
+    "logo": {
+      "annotation": "CSV Logo",
+      "path": "logo.svg"
+    },
+    "gallery": [
+      {
+        "annotation": "Fluent-Bit getting started tutorial",
+        "path": "fluent-bit-getting-started-dashboard.png"
+      },
+      {
+        "annotation": "Data-Prepper Logo",
+        "path": "data-pepper.png"
+      },
+      {
+        "annotation": "Fluent-Bit Logo",
+        "path": "fluentbit.png"
+      }
+    ]
+  },
+  "components": [],
+  "assets": [
+    { "name": "fluent-bit-csv-upload", "version": "1.0.0", "extension": "ndjson", "type": "savedObjectBundle", "workflows": ["dashboards"] }
+  ],
+  "sampleData": {
+    "path": "logs.csv"
+  }
+}

integrations/observability/csv_file/data/logs.csv

@@ -0,0 +1,10 @@
+2024-07-16 12:00:00,INFO,Application started successfully,App1,host1
+2024-07-16 12:01:00,DEBUG,User logged in,App1,host1
+2024-07-16 12:01:05,ERROR,Failed to load resource,App1,host1
+2024-07-16 12:02:00,WARN,Deprecated API used,App1,host1
+2024-07-16 12:03:00,INFO,Background job executed,App1,host1
+2024-07-16 12:04:00,DEBUG,Cache cleared,App1,host1
+2024-07-16 12:05:00,INFO,User logged out,App1,host1
+2024-07-16 12:06:00,ERROR,Database connection failed,App1,host1
+2024-07-16 12:07:00,INFO,Application shutdown initiated,App1,host1
+2024-07-16 12:08:00,INFO,Application shutdown completed,App1,host1

integrations/observability/csv_file/getting-started/Getting-Started.md

@@ -0,0 +1,189 @@
+# Uploading a CSV File into an OpenSearch Index Using Fluent Bit
+
+This tutorial will guide you through the process of setting up Fluent Bit to monitor a directory for CSV files and upload their contents into an OpenSearch index.
+
+## Prerequisites
+
+- An OpenSearch instance running and accessible.
+- Fluent Bit installed on your system.
+- A directory containing your CSV files.
+
+## Step 1: Install Fluent Bit
+
+### On Linux:
+
+```bash
+curl -L https://fluentbit.io/releases/1.8/fluent-bit-1.8.11-linux-x86_64.tar.gz -o fluent-bit.tar.gz
+tar -xvf fluent-bit.tar.gz
+cd fluent-bit/bin
+```
+
+### On macOS:
+
+```bash
+brew install fluent-bit
+```
+
+### On Windows:
+
+Download and extract Fluent Bit from [Fluent Bit releases](https://fluentbit.io/download/).
+
+## Step 2: Create Fluent Bit Configuration Files
+
+#### Create `fluent-bit.conf`
+
+This is the main configuration file for Fluent Bit. It defines the input source, parser, and output destination.
+
+```ini
+[SERVICE]
+    Flush        1
+    Log_Level    info
+    Parsers_File parsers.conf
+
+[INPUT]
+    Name         tail
+    Path         /path/to/your/csv/files/*.csv
+    Parser       csv
+    Tag          csv
+    Refresh_Interval 5
+    Rotate_Wait 30
+
+[OUTPUT]
+    Name         opensearch
+    Match        *
+    Host         your-opensearch-host
+    Port         9200
+    Index        csv-index
+    HTTP_User    your-username
+    HTTP_Passwd  your-password
+    tls          off
+    Suppress_Type_Name On
+    tls.verify   off
+```
+
+### Create `parsers.conf`
+
+This file defines the CSV parser.
+
+```ini
+[PARSER]
+    Name        csv
+    Format      regex
+    Regex       ^(?<timestamp>[^,]+),(?<log_level>[^,]+),(?<message>[^,]+),(?<application>[^,]+),(?<host>[^,]+)$
+    Time_Key    timestamp
+    Time_Format %Y-%m-%d %H:%M:%S
+```
+
+### Direct the CSV folder location
+
+Ensure this file is in the directory you specified in the `Path` of the `fluent-bit.conf` file.
+
+
+## Step 3: Run Fluent Bit
+
+Navigate to the directory containing the Fluent Bit executable and the configuration files. Then, start Fluent Bit with the configuration files.
+
+```bash
+/path/to/fluent-bit/bin/fluent-bit -c /path/to/fluent-bit.conf
+```
+
+## Step 4: Verify Data in OpenSearch
+
+After starting Fluent Bit, you can verify the data ingestion by accessing OpenSearch and searching for the `csv-index` index.
+
+For example, you can use OpenSearch Dashboards or the OpenSearch API to query the index:
+
+### Using OpenSearch Dashboards:
+
+1. Open OpenSearch Dashboards in your browser.
+2. Navigate to the "Discover" tab.
+3. Select the `csv-index` index pattern.
+4. Verify that the log data from your CSV files is being ingested and displayed.
+
+### Using the OpenSearch API:
+
+```bash
+curl -X GET "http://your-opensearch-host:9200/csv-index/_search?pretty"
+```
+
+---
+## Live Testing with Docker Compose
+If you prefer to test this setup using Docker Compose, you can use the following docker-compose.yml file to quickly set up an OpenSearch instance along with Fluent Bit:
+
+Under the `getting-started` section you can examine a live docker-compose sample:
+```yaml
+/csv_file/getting-started/fluent-bit
+|-- docker-complete.yml
+|-- data/
+    |-- fluent-bit.conf
+    |-- parsers.conf
+    |-- logs.csv
+
+```
+Use the [docker-compose](fluent-bit/docker-complete.yml) you can find a complete:
+
+`docker compose -f docker-complete.yml up -d` would instantiate the services and start sending the csv sample logs into an index. 
+
+---
+# Data-Prepper CSV Processor Tutorial
+
+The `csv` processor parses comma-separated values (CSVs) from the event into columns.
+
+## Configuration Options
+
+- **source** (String): The field in the event to be parsed. Default is `message`.
+- **quote_character** (String): The text qualifier for a single column. Default is `"`.
+- **delimiter** (String): The character separating each column. Default is `,`.
+- **delete_header** (Boolean): Deletes the event header after parsing. Default is true.
+- **column_names_source_key** (String): Specifies the CSV column names.
+- **column_names** (List): User-specified column names.
+
+## Usage Examples
+
+### User-specified Column Names
+
+```yaml
+csv-pipeline:
+  source:
+    file:
+      path: "/full/path/to/ingest.csv"
+      record_type: "event"
+  processor:
+    - csv:
+        column_names: ["col1", "col2"]
+  sink:
+    - stdout:
+```
+
+### Automatically Detect Column Names
+
+```yaml
+csv-s3-pipeline:
+  source:
+    s3:
+      notification_type: "sqs"
+      codec:
+        newline:
+          skip_lines: 1
+          header_destination: "header"
+      compression: none
+      sqs:
+        queue_url: "https://sqs.<region>.amazonaws.com/<account id>/<queue name>"
+      aws:
+        region: "<region>"
+  processor:
+    - csv:
+        column_names_source_key: "header"
+  sink:
+    - stdout:
+```
+
+## Metrics
+
+- **recordsIn**: Ingress records count.
+- **recordsOut**: Egress records count.
+- **timeElapsed**: Execution time.
+- **csvInvalidEvents**: Count of invalid events.
+
+For more details, visit the [CSV Processor Documentation](https://opensearch.org/docs/latest/data-prepper/pipelines/configuration/processors/csv/).
+```

integrations/observability/csv_file/getting-started/data-prepper/pipeline.yml

@@ -0,0 +1,20 @@
+# Copyright The OpenTelemetry Authors
+# SPDX-License-Identifier: Apache-2.0
+
+csv-pipeline:
+  source:
+    file:
+      path: "/full/path/to/ingest.csv"
+      record_type: "event"
+  processor:
+    - csv:
+        column_names: ["col1", "col2", "col3"]
+  sink:
+    - opensearch:
+        hosts: ["https://opensearch-node1:9200"]
+        username: "admin"
+        password: "my_%New%_passW0rd!@#"
+        insecure: true
+        index_type: custom
+        index: logs-index
+        bulk_size: 4

integrations/observability/csv_file/getting-started/fluent-bit/.env

@@ -0,0 +1,18 @@
+# Nginx Proxy
+NGINX_PORT=90
+NGINX_ADDR=nginx:${NGINX_PORT}
+
+# OpenSearch version
+OPENSEARCH_VERSION=2.15.0
+OPENSEARCH_ADMIN_PASSWORD=my_%New%_passW0rd!@#
+OPENSEARCH_INITIAL_ADMIN_PASSWORD=my_%New%_passW0rd!@#
+
+# OpenSearch Node1
+OPENSEARCH_PORT=9200
+OPENSEARCH_HOST=opensearch
+OPENSEARCH_ADDR=${OPENSEARCH_HOST}:${OPENSEARCH_PORT}
+
+# OpenSearch Dashboard
+OPENSEARCH_DASHBOARD_PORT=5601
+OPENSEARCH_DASHBOARD_HOST=opensearch-dashboards
+OPENSEARCH_DASHBOARD_ADDR=${OPENSEARCH_DASHBOARD_HOST}:${OPENSEARCH_DASHBOARD_PORT}

integrations/observability/csv_file/getting-started/fluent-bit/data/fluent-bit.conf

@@ -0,0 +1,28 @@
+[SERVICE]
+    Flush        1
+    Log_Level    info
+    Parsers_File parsers.conf
+
+[INPUT]
+    Name         tail
+    Path         /fluent-bit/data/*.csv
+    Parser       csv
+    Tag          csv
+
+[INPUT]
+    Name         dummy
+    Dummy        {"timestamp":"2024-07-16 12:09:00", "log_level":"INFO", "message":"Dummy log message", "application":"App2", "host":"host2"}
+    Tag          dummy
+
+[OUTPUT]
+    Name         opensearch
+    Host         opensearch-node1
+    Match        *
+    Port         9200
+    Type         _doc
+    Index        logs-index
+    tls             On
+    tls.verify      Off
+    Suppress_Type_Name On
+    HTTP_User       admin
+    HTTP_Passwd     my_%New%_passW0rd!@#

integrations/observability/csv_file/getting-started/fluent-bit/data/logs.csv

@@ -0,0 +1,10 @@
+2024-07-16 12:00:00,INFO,Application started successfully,App1,host1
+2024-07-16 12:01:00,DEBUG,User logged in,App1,host1
+2024-07-16 12:01:05,ERROR,Failed to load resource,App1,host1
+2024-07-16 12:02:00,WARN,Deprecated API used,App1,host1
+2024-07-16 12:03:00,INFO,Background job executed,App1,host1
+2024-07-16 12:04:00,DEBUG,Cache cleared,App1,host1
+2024-07-16 12:05:00,INFO,User logged out,App1,host1
+2024-07-16 12:06:00,ERROR,Database connection failed,App1,host1
+2024-07-16 12:07:00,INFO,Application shutdown initiated,App1,host1
+2024-07-16 12:08:00,INFO,Application shutdown completed,App1,host1

integrations/observability/csv_file/getting-started/fluent-bit/data/parsers.conf

@@ -0,0 +1,6 @@
+[PARSER]
+    Name        csv
+    Format      regex
+    Regex       ^(?<timestamp>[^,]+),(?<log_level>[^,]+),(?<message>[^,]+),(?<application>[^,]+),(?<host>[^,]+)$
+    Time_Key    timestamp
+    Time_Format %Y-%m-%d %H:%M:%S