Fluentd 區分不同主機來源 Fluentd add hostname in data

1.
Use tag name
Collecting Logs into Elasticsearch and S3 | Fluentd

<source>
  type tail
  format apache
  path /var/log/httpd/access_log
  pos_file /var/log/td-agent/httpd.access.pos
  tag hostname.httpd.access
</source>

<match *.*>

  type elasticsearch
  host localhost
  port 9200
  include_tag_key true
  tag_key @log_name
  logstash_format true
  flush_interval 10s

</match>

2.
fukata/fluent-plugin-hostname

<source>
    type syslog
    port 5140
    bind 0.0.0.0
    format /^(?[^ ]* [^ ]* [^ ]*) (?[^ ]*) (?[a-zA-Z0-9_\/\.\-]*)(?:\[(?[0-9]+)\])?[^\:]*\: *(?.*)$/
    time_format %b %d %H:%M:%S
    tag system.local

</source>

<match system.**>
  type hostname
  key_name @source_host
  add_prefix es
</match>

<match es.system.**>
  type elasticsearch
  logstash_format true
  host 192.168.1.253
  port 9200
  index_name fluentd
  type_name syslog
  flush_interval 1s
  include_tag_key true
  tag_key @log_name</match>

3.
repeatedly/fluent-plugin-record-modifier