Isaac Prior 3010d4c391 Fixes Monasca log transformer UTC offset exception
The Monasca log transformer currently throws an exception when it encounters
a time offset other than UTC (+0000):
"""
"exception": "Invalid format: \"2019-08-08 17:39:45 +0100\" is malformed at \" +0100\"",
"config_parsers":"yyyy-MM-dd HH:mm:ss +0000,ISO8601"}
"""

This fix allows logstash to interpret any valid ISO8601 offset.

Change-Id: Id70c3dd9cdcf681e955931f18a054e19cc284c0a
Closes-Bug: #1839597
2019-08-13 08:46:29 +00:00


# Provide input/output streams for transforming Monasca logs.
# Filters should be provided in other configuration files.
# Input stage: read the untransformed Monasca log events from Kafka.
input {
kafka {
# Zookeeper connection string, rendered from an Ansible variable.
zk_connect => "{{ monasca_zookeeper_servers }}"
# Topic that holds the raw (not yet transformed) logs.
topic_id => "{{ monasca_raw_logs_topic }}"
# Fixed consumer group name; it is the same on every rendered host.
group_id => "log_transformer"
# The consumer id is suffixed with the host name, so it differs per host.
consumer_id => "log_transformer_{{ ansible_hostname }}"
# Rendered as a quoted string here, whereas the output block renders the
# same variable as a bare integer for its workers setting.
consumer_threads => "{{ monasca_log_pipeline_threads }}"
# NOTE(review): no TLS or authentication settings appear in this block.
# Confirm that the Zookeeper/Kafka links carrying raw log content are
# protected elsewhere (network isolation or broker-side configuration).
}
}
# Filter stage: normalise timestamps and log levels before the event is
# written to the transformed-logs topic.
filter {
# Update the timestamp of the event based on the time in the message.
# The patterns are tried in order: first "yyyy-MM-dd HH:mm:ss Z", where Z
# is the Joda-Time letter for a numeric zone offset such as +0100, then
# ISO8601. No target is set, so the parsed value goes to the date filter's
# default target, the event's @timestamp.
# NOTE(review): this value comes from the event content, i.e. it is set by
# whoever produced the log. For timeline reconstruction keep creation_time
# (added by the Monasca Log API, see below) as the receipt-time reference.
date {
match => [ "[log][dimensions][timestamp]", "yyyy-MM-dd HH:mm:ss Z", "ISO8601"]
# remove_field is applied only when the date parse succeeds; on a parse
# failure the source field is left on the event and Logstash tags the
# event with its default failure tag (_dateparsefailure).
remove_field => [ "[log][dimensions][timestamp]", "[log][dimensions][Timestamp]" ]
}
# Monasca Log API adds a timestamp when it processes a log entry. This
# timestamp needs to be converted from seconds since the epoch for
# Elasticsearch to parse it correctly. Here we make that conversion.
date {
match => ["creation_time", "UNIX"]
# Write the converted value back to creation_time instead of @timestamp.
target => "creation_time"
}
# OpenStack log levels are uppercase, and syslog are lowercase.
# Furthermore, syslog has more log levels than OpenStack. To avoid
# mapping syslog log levels to OpenStack log levels, we standardise
# on the syslog style here.
# The conditional skips events that carry no log_level dimension.
if [log][dimensions][log_level] {
mutate {
lowercase => [ "[log][dimensions][log_level]" ]
}
}
}
# Output stage: publish the transformed events to a second Kafka topic.
output {
kafka {
# Broker list, rendered from an Ansible variable. Unlike the input block,
# this plugin connects to the brokers directly rather than via Zookeeper.
bootstrap_servers => "{{ monasca_kafka_servers }}"
# Topic that receives the transformed logs.
topic_id => "{{ monasca_transformed_logs_topic }}"
# The client id is suffixed with the host name, so it differs per host.
client_id => "log_transformer_{{ ansible_hostname }}"
# Cast to an integer at render time, so the value is emitted unquoted.
workers => {{ monasca_log_pipeline_threads|int }}
# NOTE(review): no TLS or authentication settings appear in this block.
# Confirm that the broker connection carrying log content is protected
# elsewhere (network isolation or broker-side configuration).
}
}