Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add structured logging to logs input #25299

Merged
merged 6 commits into from
Apr 28, 2021
Merged

Add structured logging to logs input #25299

merged 6 commits into from
Apr 28, 2021

Conversation

urso
Copy link

@urso urso commented Apr 25, 2021

  • Enhancement

What does this PR do?

The logging of the logs input is updated to make use of structured
logging. Each logs input instance will create an unique ID, that will be
logged as "input_id".
The input and harvester will also add file state information like:
source, state_id, finished, os_id. The os_id holds the inode, and
state_id is the ID that is used internally by filebeat to track the
file.

Why is it important?

By filtering the logs for one or the other ID, one can track all
logs at a different level. Filtering by "state_id" allows us to monitor
all logs and state changes for a given file, even if the file is
renamed, closed and reopened.

Checklist

  • My code follows the style guidelines of this project
    - [ ] I have commented my code, particularly in hard-to-understand areas
    - [ ] I have made corresponding changes to the documentation
    - [ ] I have made corresponding change to the default configuration files
    - [ ] I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

How to test this PR locally

Run filebeat with the logs input and debug logs enabled.

File state updates after a scan or harvester logs should log contextual information like the inode, state_id, harvester_id, input_id.

Add structured logging to logs input
0ed994a 
The logging of the logs input is updated to make use of structured
logging. Each logs input instance will create an unique ID, that will be
logged as "input_id".
The input and harvester will also add file state information like:
source, state_id, finished, os_id. The os_id holds the inode, and
state_id is the ID that is used internally by filebeat to track the
file.

By filtering the logs for one or the other ID, one can track all
logs at a different level. Filtering by "state_id" allows us to monitor
all logs and state changes for a given file, even if the file is
renamed, closed and reopened.
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Apr 25, 2021
@urso urso requested a review from kvch April 25, 2021 20:34
@urso urso added the Team:Elastic-Agent Label for the Agent team label Apr 25, 2021
@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Apr 25, 2021
@elasticmachine
Copy link
Collaborator

elasticmachine commented Apr 25, 2021
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: Pull request #25299 updated

  • Start Time: 2021-04-27T20:36:45.338+0000

  • Duration: 121 min 1 sec

  • Commit: ba8fdde

Test stats 🧪

Test Results
Failed 0
Passed 13707
Skipped 2285
Total 15992

Trends 🧪

Image of Build Times

Image of Tests

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 13707
Skipped 2285
Total 15992

@urso urso marked this pull request as ready for review April 27, 2021 18:07
@elasticmachine
Copy link
Collaborator

Pinging @elastic/agent (Team:Agent)

@ph ph added the v7.14.0 label Apr 27, 2021
@ph
Copy link
Contributor

ph commented Apr 27, 2021

@urso is this something you want to add for 7.14?

@mergify
Copy link
Contributor

mergify bot commented Apr 27, 2021

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b fb-logs-log upstream/fb-logs-log
git merge upstream/master
git push upstream fb-logs-log

@urso
Copy link
Author

urso commented Apr 27, 2021

is this something you want to add for 7.14?

The item is 'complete' with this PR, so yeah it is 7.14 :)
As this helps debugging potential issues (correlating logs), this change goes under the unbrella of supportability.

@urso urso added the backport-v7.14.0 Automated backport with mergify label Apr 27, 2021
@urso urso merged commit 448afd4 into elastic:master Apr 28, 2021
@urso urso deleted the fb-logs-log branch April 28, 2021 14:47
mergify bot pushed a commit that referenced this pull request Apr 28, 2021
Add structured logging to logs input (#25299)
d405226 
(cherry picked from commit 448afd4)
@mergify mergify bot mentioned this pull request Apr 28, 2021
Merged
urso pushed a commit that referenced this pull request May 3, 2021
@mergify
Add structured logging to logs input (backport #25299) (#25390)
3258307 
(cherry picked from commit 448afd4)

Co-authored-by: Steffen Siering <steffen.siering@elastic.co>
@andresrc andresrc mentioned this pull request Jul 30, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kvch kvch kvch approved these changes

Assignees
No one assigned
Labels
backport-v7.14.0 Automated backport with mergify Team:Elastic-Agent Label for the Agent team v7.14.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@urso @elasticmachine @ph @kvch