[rsyslog-notify] Forum Thread: Add sequence number to message - global variables - (Mode 'post')

[noreply at adiscon.com]

User: semicontinuity 
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25703#p25703

Message: 
----------
I was looking for possibility to add some kind of sequence number for every
message to be sent to elasticsearch.
The problem is, often messages are logged quite fast, and have the same
timestamp, for instance

2015-06-16 08:25:51,203 DEBUG main/Logger: Writing data..
2015-06-16 08:25:51,203 DEBUG main/Logger: Writtten data
2015-06-16 08:25:52,123 DEBUG main/Logger: Writing more data..

if timestamp is the same, the messages order is lost in elastic.

I was thinking that it's possible to add another field 'sequence', so that
messages will be ordered by timestamp and sequence number. It could be
forever-increasing number, but it ther might be problems - where to keep
the number between rsyslog restarts, etc., so ideal would be the number in
the group of messages having the same timestamp, starting from 0 and
increasing until new timestamp is seen, so the following would be sent to
elastic:

{ts="2015-06-16 08:25:51,203" n=0 level="DEBUG" .. message="Writing
data.."}
{ts="2015-06-16 08:25:51,203" n=1 level="DEBUG" .. message="Writtten data"}
{ts="2015-06-16 08:25:52,123" n=0 level="DEBUG" .. message="Writing more
data.."}

It seems, that it's not possible with RainerScript - i need some sort of
'global' variable to hold the sequence number and the last seen timestamp.

So, the question is - is it possible to add support for 'global' variables?