Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(logs): systemd logs with otel and Fluent Bit #3042

Merged
merged 1 commit into from
May 11, 2023
Merged

fix(logs): systemd logs with otel and Fluent Bit #3042

merged 1 commit into from
May 11, 2023

Conversation

swiatekm
Copy link

When using Fluent Bit as the log collector and otel for metadata enrichment, systemd logs would arrive empty in Sumo. The reason for this is that Fluent Bit actually puts the systemd attributes in the equivalent of record attributes, while the otel log collector puts them in the body. The pipelines were the same, which caused the issue.

I've removed the unnecessary processors from the Fluent Bit pipeline.

Checklist

  • Changelog updated or skip changelog label added

@swiatekm swiatekm requested a review from a team as a code owner May 10, 2023 13:09
@swiatekm swiatekm mentioned this pull request May 10, 2023
Merged
1 task
rnishtala-sumo
rnishtala-sumo reviewed May 10, 2023
View reviewed changes
deploy/helm/sumologic/conf/logs/otelcol/config.yaml Outdated Show resolved Hide resolved
deploy/helm/sumologic/conf/logs/otelcol/config.yaml
@@ -557,8 +558,6 @@ service:
- groupbyattrs/systemd
- resource/add_cluster
- source/kubelet
- transform/remove_attributes
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wasn't sure why were removing the log attributes earlier

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We remove them for data from otel log collectors, because there the attributes come in as body attributes. So we delete existing record attributes and then copy attributes from the body to record attributes. Data coming in from Fluent Bit already has this in record attributes.

@swiatekm swiatekm force-pushed the fix/logs/systemd-otel-fluentbit branch from ad4587e to 6f02e35 Compare May 11, 2023 08:16
@swiatekm swiatekm force-pushed the fix/logs/systemd-otel-fluentbit branch from 6f02e35 to 010ac42 Compare May 11, 2023 08:33
@swiatekm swiatekm merged commit a88d7b3 into main May 11, 2023
@swiatekm swiatekm deleted the fix/logs/systemd-otel-fluentbit branch May 11, 2023 09:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@andrzej-stencel andrzej-stencel andrzej-stencel approved these changes

@rnishtala-sumo rnishtala-sumo Awaiting requested review from rnishtala-sumo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@swiatekm @andrzej-stencel @rnishtala-sumo