Fixes #204 by adding logstash filtering and kibana

lines for horizon
2014-10-14 14:27:18 -05:00 · 2014-10-14 14:27:18 -05:00 · 8e62ac0cdb
commit 8e62ac0cdb
parent dee5e8b144
3 changed files with 44 additions and 4 deletions
--- a/rpc_deployment/roles/kibana/templates/Next-Gen-RPC.json
+++ b/rpc_deployment/roles/kibana/templates/Next-Gen-RPC.json
@ -74,6 +74,15 @@
          "type": "lucene",
          "enable": true,
          "query": "tags:heat*"
+        },
+        "8": {
+          "id": 7,
+          "color": "#705DA0",
+          "alias": ""
+          "pin": false,
+          "type": "lucene",
+          "enable": true,
+          "query": "tags:horizon*"
        }
      },
      "ids": [
@ -84,7 +93,8 @@
        4,
        5,
        6,
-        7
+        7,
+        8
      ]
    },
    "filter": {
--- a/rpc_deployment/roles/logstash/templates/03-generic.conf
+++ b/rpc_deployment/roles/logstash/templates/03-generic.conf
@ -115,14 +115,34 @@ filter {
        # 1) 192.168.1.100 - - [10/Jun/2014:11:43:14 +0000] "POST http://192.168.1.100:5000/v2.0/tokens HTTP/1.0" 200 8374
        grok {
            match => [
-                "message", "%{COMMONAPACHELOG}"
+                "@message", "%{COMMONAPACHELOG}"
                ]
-            add_tag => [ "generic-apache-request" ]
+            add_field => {
+                "openstack_message" => "%{request} %{response}"
+                "os_level" => "%{verb}"
+            }
+            add_tag => [ "generic-apache-request", "horizon-generic" ]
            break_on_match => false
-            remove_field => ["message"] # overwrites original message with whats left
            tag_on_failure => []
        }
+
        #-----------------------------------------------------------------------
+        # Generic Apache Error
+        # i.e.:
+        # [Tue Oct 14 16:48:47.903895 2014] [ssl:info] [pid 1332:tid 140612212823808] [client 172.29.236.100:43523] AH01964: Connection to child 15 established (server aio1_horizon_container-616911e5:443)
+        grok {
+            match => [
+                "@message", "%{APACHE_ERROR}"
+                ]
+            add_field => {
+                "openstack_message" => "%{ERROR_MESSAGE}"
+                "os_level" => "%{SEVERITY}"
+            }
+            add_tag => [ "generic-apache-request", "horizon-generic" ]
+            break_on_match => false
+            tag_on_failure => []
+        }
+
    }
    #---------------------------------------------------------------------------
 }
--- a/rpc_deployment/roles/logstash/templates/extras
+++ b/rpc_deployment/roles/logstash/templates/extras
@ -13,3 +13,13 @@ OPENSTACK_FUNCTION ((?:\w+)\.?)+
 OPENSTACK_CODE (?:\[.*\])

 CONTAINER_STRIP (?:(\w+)(?=_container-\S+))
+
+FOUR_YEAR (?>=d){4}
+
+ERROR_STAMP %{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{FOUR_YEAR}
+
+APACHE_PIDTID %{WORD:pid} %{POSINT:APACHE_PID}:%{WORD:tid} %{POSINT:APACHE_TID}
+
+APACHE_CLIENT %{WORD:client} %{IP}:%{POSINT:PORT}
+
+APACHE_ERROR \[%{ERROR_STAMP}\] \[%{DATA:MODULE}:%{DATA:SEVERITY}\] \[%{APACHE_PIDTID}\] \[%{APACHE_CLIENT}\] %{GREEDYDATA:ERROR_MESSAGE}