[WIP] Filterx docs

content/chapter-enrich-data/data-enrichment-add-contextual-data/_index.md

@@ -8,48 +8,43 @@ In {{% param "product.abbrev" %}} version 3.8 and later, you can use an external
 
 The database file is a simple text file in comma-separated value (CSV) format, where each line contains the following information:
 
-  - A selector or ID that appears in the log messages, for example, the hostname. To use shell-style globbing (wildcards) in selectors, see {{% xref "/chapter-enrich-data/data-enrichment-add-contextual-data/add-contextual-data-globs/_index.md" %}}. You can also reference the name of a filter that matches the messages, see {{% xref "/chapter-enrich-data/data-enrichment-add-contextual-data/add-contextual-data-filters/_index.md" %}}
-
-  - The name of the name-value pair that {{% param "product.abbrev" %}} adds to matching log messages.
-
-  - The value of the name-value pairs. Starting with {{% param "product.abbrev" %}} version 3.22, the value of the name-value pair can be a template or a template function, for example, `"selector3,name,$(echo $HOST_FROM)";`
+- A selector or ID that appears in the log messages, for example, the hostname. To use shell-style globbing (wildcards) in selectors, see {{% xref "/chapter-enrich-data/data-enrichment-add-contextual-data/add-contextual-data-globs/_index.md" %}}. You can also reference the name of a filter that matches the messages, see {{% xref "/chapter-enrich-data/data-enrichment-add-contextual-data/add-contextual-data-filters/_index.md" %}}
+- The name of the name-value pair that {{% param "product.abbrev" %}} adds to matching log messages.
+- The value of the name-value pairs. Starting with {{% param "product.abbrev" %}} version 3.22, the value of the name-value pair can be a template or a template function, for example, `"selector3,name,$(echo $HOST_FROM)";`
 
 For example, the following csv-file contains three lines identified with the IP address, and adds the `host-role` field to the log message.
 
 ```shell
-   192.168.1.1,host-role,webserver
-    192.168.2.1,host-role,firewall
-    192.168.3.1,host-role,mailserver
+192.168.1.1,host-role,webserver
+192.168.2.1,host-role,firewall
+192.168.3.1,host-role,mailserver
 ```
 
-
 ## The database file: {#add-contextual-data-csv-database-file}
 
 The database file must comply with the [RFC4180 CSV format](https://tools.ietf.org/html/rfc4180), with the following exceptions and limitations:
 
-  - The values of the CSV-file cannot contain line-breaks
+- The values of the CSV-file cannot contain line-breaks
 
 To add multiple name-value pairs to a message, include a separate line in the database for each name-value pair, for example:
 
 ```shell
-   192.168.1.1,host-role,webserver
-    192.168.1.1,contact-person,"John Doe"
-    192.168.1.1,contact-email,[email protected]
+192.168.1.1,host-role,webserver
+192.168.1.1,contact-person,"John Doe"
+192.168.1.1,contact-email,[email protected]
 ```
 
 Technically, `add-contextual-data()` is a parser in {{% param "product.abbrev" %}} so you have to define it as a parser object.
 
-
-
 ## Declaration:
 
 ```shell
-   parser p_add_context_data {
-        add-contextual-data(
-            selector("${HOST}"),
-            database("context-info-db.csv"),
-        );
-    };
+parser p_add_context_data {
+    add-contextual-data(
+        selector("${HOST}"),
+        database("context-info-db.csv"),
+    );
+};
 ```
 
 
@@ -63,31 +58,30 @@ If you modify the database file, you have to reload {{% param "product.abbrev" %
 The following example defines uses a CSV database to add the role of the host based on its IP address, and prefixes the added name-value pairs with `.metadata`. The destination includes a template that simply appends the added name-value pairs to the end of the log message.
 
 ```shell
-   @include "scl.conf"
-    
-    source s_network {
-        network(port(5555));
-    };
-    
-    destination d_local {
-        file("/tmp/test-msgs.log"
-        template("$MSG Additional metadata:[${.metadata.host-role}]")};
-    
-    parser p_add_context_data {
-        add-contextual-data(selector("$SOURCEIP"), database("context-info-db.csv"), default-selector("unknown"), prefix(".metadata."));
-    };
-    
-    log {
-        source(s_network);
-        parser(p_add_context_data);
-        destination(d_local);
-    };
+@include "scl.conf"
+
+source s_network {
+    network(port(5555));
+};
+
+destination d_local {
+    file("/tmp/test-msgs.log"
+    template("$MSG Additional metadata:[${.metadata.host-role}]")};
+
+parser p_add_context_data {
+    add-contextual-data(selector("$SOURCEIP"), database("context-info-db.csv"), default-selector("unknown"), prefix(".metadata."));
+};
+
+log {
+    source(s_network);
+    parser(p_add_context_data);
+    destination(d_local);
+};
 ```
 
 ```shell
-   192.168.1.1,host-role,webserver
-    192.168.2.1,host-role,firewall
-    192.168.3.1,host-role,mailserver
-    unknown,host-role,unknown
+192.168.1.1,host-role,webserver
+192.168.2.1,host-role,firewall
+192.168.3.1,host-role,mailserver
+unknown,host-role,unknown
 ```
-

content/chapter-parsers/date-parser/date-parser-options/_index.md

@@ -16,60 +16,7 @@ The `date-parser()` parser has the following options.
 
 *Description:* Specifies the format how {{% param "product.abbrev" %}} should parse the date. You can use the following format elements:
 
-```shell
-   %%      PERCENT
-    %a      day of the week, abbreviated
-    %A      day of the week
-    %b      month abbr
-    %B      month
-    %c      MM/DD/YY HH:MM:SS
-    %C      ctime format: Sat Nov 19 21:05:57 1994
-    %d      numeric day of the month, with leading zeros (eg 01..31)
-    %e      like %d, but a leading zero is replaced by a space (eg  1..31)
-    %f      microseconds, leading 0's, extra digits are silently discarded
-    %D      MM/DD/YY
-    %G      GPS week number (weeks since January 6, 1980)
-    %h      month, abbreviated
-    %H      hour, 24 hour clock, leading 0's)
-    %I      hour, 12 hour clock, leading 0's)
-    %j      day of the year
-    %k      hour
-    %l      hour, 12 hour clock
-    %L      month number, starting with 1
-    %m      month number, starting with 01
-    %M      minute, leading 0's
-    %n      NEWLINE
-    %o      ornate day of month -- "1st", "2nd", "25th", etc.
-    %p      AM or PM
-    %P      am or pm (Yes %p and %P are backwards :)
-    %q      Quarter number, starting with 1
-    %r      time format: 09:05:57 PM
-    %R      time format: 21:05
-    %s      seconds since the Epoch, UCT
-    %S      seconds, leading 0's
-    %t      TAB
-    %T      time format: 21:05:57
-    %U      week number, Sunday as first day of week
-    %w      day of the week, numerically, Sunday == 0
-    %W      week number, Monday as first day of week
-    %x      date format: 11/19/94
-    %X      time format: 21:05:57
-    %y      year (2 digits)
-    %Y      year (4 digits)
-    %Z      timezone in ascii format (for example, PST), or in format -/+0000
-    %z      timezone in ascii format (for example, PST), or in format -/+0000  (Required element)
-```
-
-{{% alert title="Warning" color="warning" %}}
-
-When using the %z and %Z format elements, consider that while %z strictly expects a specified timezone, and triggers a warning if the timezone is not specified, %Z does not trigger a warning if the timezone is not specified.
-
-For further information about the %z and %Z format elements, see the 'DESCRIPTION' section on the [srtptime(3) - NetBSD Manual Pages](https://man.netbsd.org/NetBSD-7.0/i386/strptime.3).
-
-{{% /alert %}}
-
-
-For example, for the date `01/Jan/2016:13:05:05 PST` use the following format string: `format("%d/%b/%Y:%H:%M:%S %Z")`
+{{< include-headless "chunk/date-string-format.md" >}}
 
 {{% include-headless "chunk/example-date-parser.md" %}}