-
Notifications
You must be signed in to change notification settings - Fork 183
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(otellogs/systemd): add support for systemd logs to otellogs #2364
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This pull request contains invalid labels. Please remove all of the following labels: ['do-not-merge/hold']
107102f
to
4067575
Compare
3069532
to
eefe68b
Compare
3c37999
to
3ae7fea
Compare
@@ -4136,6 +4136,7 @@ metadata: | |||
json_logs: | |||
add_timestamp: true | |||
timestamp_key: timestamp | |||
flatten_body: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
systemd is key value pair, so this option is safe for fluentd. It's necessary for otel, as it sends body as key-value pair. This body would be put inside log
key without this option
deploy/helm/sumologic/values.yaml
Outdated
@@ -4716,7 +4719,7 @@ otellogs: | |||
## Configure image for Opentelemetry Collector | |||
image: | |||
repository: public.ecr.aws/sumologic/sumologic-otel-collector | |||
tag: 0.52.0-sumo-0 | |||
tag: 0.53.0-sumo-0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can now update tag to newer version ;)
4cfc6e9
to
9ee6f65
Compare
"I have a dream"... that we have a piece of high-level documentation describing collecting systemd logs, a bit like what we now have for collecting Kubernetes events: https://github.com/SumoLogic/sumologic-kubernetes-collection/blob/main/deploy/docs/collecting-kubernetes-events.md. |
directory: /var/log/journal | ||
## This is not a full equivalent of fluent-bit filtering as fluent-bit filters by `_SYSTEMD_UNIT` | ||
## Here is filtering by `UNIT` | ||
units: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this list mean that if the user wants to customize this list, they just need to overwrite this property in their values.yaml
file? 😱 For example, if they want to exclude a specific unit, they need to replicate this whole list with the one unit excluded.
I don't know what the common use cases are (if there are any). Maybe there are no good reasons to customize this list. In that case, do we need to expose it? This question applies to this whole config.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, this PR is fluent-bit replacement. There is a lot of improvements we can take, but maybe there should be separate issues, so it will be more organised way to track them?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't know what the common use cases are (if there are any).
I don't think there are any, but we need to have some plan in case they'll appear
I would love to have this simple option:
but it is not possible now. We need to take it in If you think differently I can make some documentation draft as part of this PR :) |
TBH, maybe it is, but we need to have some final consensus about which approach to configuration we take |
34d766b
to
a7fd444
Compare
fc2e42d
to
0d897d4
Compare
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
0d897d4
to
3c2b95d
Compare
Signed-off-by: Dominik Rosiek <drosiek@sumologic.com>
Description
Add support for journald receiver. This behaves like fluent-bit with one small exception. Units for filtering are taken from different place.
Checklist
Testing performed