Please add a sample of a log record to advanced docs to help users visualize the records they might want to transform #598

Open
matthewmodestino opened this issue Dec 8, 2022 · 1 comment
Labels
enhancement New feature or request Splunk Platform Issue related to Splunk Platform destination Stale

matthewmodestino commented Dec 8, 2022

As an OTel native logging user, I would like a documented example of what a log record looks like as it passes through our logging receiver. This will help users visualize the records for when they need to do light parsing or transforms on the data at the agent level, or when they want to get adventurous and customize our default receivers or processors.

For example, I pulled this payload from an older version of the chart, when I hit an error log trying to use filelog operators. Helped me a ton to get the config right.

{
  "timestamp": "2022-03-28T17:14:05.304227873Z",
  "body": {
    "container_name": "calico-node",
    "log": "2022-03-28 17:14:05.303 [INFO][82] monitor-addresses/startup.go 774: Using autodetected IPv4 address on interface ens5: 10.202.0.40/21",
    "logtag": "F",
    "namespace": "kube-system",
    "pod_name": "calico-node-2mzdf",
    "restart_count": "0",
    "stream": "stdout",
    "uid": "c273b74e-2f9b-4c21-8912-20f6681ea6b3"
  },
  "attributes": {
    "log.iostream": "stdout"
  },
  "resource": {
    "com.splunk.source": "/var/log/pods/kube-system_calico-node-2mzdf_c273b74e-2f9b-4c21-8912-20f6681ea6b3/calico-node/0.log",
    "com.splunk.sourcetype": "kube:container:calico-node",
    "k8s.container.name": "calico-node",
    "k8s.container.restart_count": "0",
    "k8s.namespace.name": "kube-system",
    "k8s.pod.name": "calico-node-2mzdf",
    "k8s.pod.uid": "c273b74e-2f9b-4c21-8912-20f6681ea6b3"
  },
  "severity": 0
}

It really helped me learning OTel to reason about how to manipulate the data for user outcomes.
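
An added example, not part of the original issue or the project's code: a Python function that rebuilds a record of the shape shown above from a pod log file path and one CRI-format log line, so the origin of each `body` and `resource` field is visible. The path layout, the CRI line format and the names `build_record`, `PATH_RE` and `CRI_RE` are assumptions; the field names and sample values come from the record in the issue.

```python
import json
import re

# Assumed pod log path layout: /var/log/pods/<namespace>_<pod>_<uid>/<container>/<restart>.log
PATH_RE = re.compile(
    r"^/var/log/pods/(?P<namespace>[^_/]+)_(?P<pod_name>[^_/]+)_(?P<uid>[^/]+)"
    r"/(?P<container_name>[^/]+)/(?P<restart_count>\d+)\.log$"
)
# Assumed CRI line format: <RFC 3339 timestamp> <stdout|stderr> <P|F> <message>
CRI_RE = re.compile(r"^(?P<time>\S+) (?P<stream>stdout|stderr) (?P<logtag>[PF]) (?P<log>.*)$")


def build_record(path, line):
    """Return a record shaped like the one in the issue, or raise ValueError."""
    p, c = PATH_RE.match(path), CRI_RE.match(line)
    if p is None:
        raise ValueError(f"unexpected pod log path: {path!r}")
    if c is None:
        raise ValueError(f"not a CRI-format line: {line!r}")
    meta = p.groupdict()  # namespace, pod_name, uid, container_name, restart_count
    body = {**meta, "log": c["log"], "logtag": c["logtag"], "stream": c["stream"]}
    return {
        "timestamp": c["time"],
        "body": body,
        "attributes": {"log.iostream": c["stream"]},
        "resource": {
            "com.splunk.source": path,
            "com.splunk.sourcetype": f"kube:container:{meta['container_name']}",
            "k8s.container.name": meta["container_name"],
            "k8s.container.restart_count": meta["restart_count"],
            "k8s.namespace.name": meta["namespace"],
            "k8s.pod.name": meta["pod_name"],
            "k8s.pod.uid": meta["uid"],
        },
        "severity": 0,  # value as it appears in the issue's record
    }


# Constructed input: path and raw line rebuilt from the fields of the issue's record.
SAMPLE_PATH = ("/var/log/pods/kube-system_calico-node-2mzdf_"
               "c273b74e-2f9b-4c21-8912-20f6681ea6b3/calico-node/0.log")
SAMPLE_LINE = ("2022-03-28T17:14:05.304227873Z stdout F 2022-03-28 17:14:05.303 [INFO][82] "
               "monitor-addresses/startup.go 774: Using autodetected IPv4 address "
               "on interface ens5: 10.202.0.40/21")

if __name__ == "__main__":
    print(json.dumps(build_record(SAMPLE_PATH, SAMPLE_LINE), indent=2))
```
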

@atoulme atoulme added the enhancement New feature or request label Jan 7, 2023
@atoulme atoulme added the Splunk Platform Issue related to Splunk Platform destination label Apr 5, 2023
github-actions bot commented Oct 10, 2023

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

@github-actions github-actions bot added the Stale label Oct 10, 2023