Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(quickwit_output): implement the quickwit output #736

Merged
merged 1 commit into from
Jan 24, 2024
Merged

feat(quickwit_output): implement the quickwit output #736

merged 1 commit into from
Jan 24, 2024

Conversation

idrissneumann
Copy link
Contributor

What type of PR is this?

/kind feature

Any specific area of the project related to this PR?

/area outputs

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #640

Special notes for your reviewer:

@poiana
Copy link

poiana commented Dec 29, 2023

Welcome @idrissneumann! It looks like this is your first PR to falcosecurity/falcosidekick 🎉

@poiana poiana added the size/M label Dec 29, 2023
@idrissneumann idrissneumann mentioned this pull request Dec 29, 2023
Closed
@poiana poiana added size/L and removed size/M labels Dec 29, 2023
idrissneumann
idrissneumann commented Dec 29, 2023
View reviewed changes
main.go Outdated Show resolved Hide resolved
idrissneumann
idrissneumann commented Dec 29, 2023
View reviewed changes
outputs/quickwit.go Outdated Show resolved Hide resolved
idrissneumann
idrissneumann commented Dec 29, 2023
View reviewed changes
main.go Outdated Show resolved Hide resolved
Issif
Issif reviewed Jan 23, 2024
View reviewed changes
outputs/quickwit.go Outdated Show resolved Hide resolved
Issif
Issif requested changes Jan 23, 2024
View reviewed changes
Copy link
Member

@Issif Issif left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only 1 thing to fix and we're good

@idrissneumann
Copy link
Contributor Author

@Issif Thanks. Done for your last comment and tested again, still working fine:

Screenshot 2024-01-24 at 06 38 14

fmassot
fmassot reviewed Jan 24, 2024
View reviewed changes
outputs/quickwit.go Outdated Show resolved Hide resolved
fmassot
fmassot reviewed Jan 24, 2024
View reviewed changes
config.go Outdated Show resolved Hide resolved
@idrissneumann idrissneumann force-pushed the feat_add_quickwit_output branch 2 times, most recently from c7cf633 to 82e6423 Compare January 24, 2024 10:08
@idrissneumann
Copy link
Contributor Author

@fmassot @Issif Done for the last comments of @fmassot . Tests ok:

Screenshot 2024-01-24 at 11 11 48 Screenshot 2024-01-24 at 11 13 04

Issif
Issif requested changes Jan 24, 2024
View reviewed changes
outputs/quickwit.go
Record: "basic",
Tokenizer: "raw",
},
FieldMappings: []QuickwitFieldMapping{
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Btw I think it'd be interesting to propose this feature (autocreate index with the mapping) for creating the Elasticsearch index, I can do that in a new PR too after this one :)

Yes sure, we just have the same issue with the output_fields, I let you create the PR later.

outputs/quickwit.go
Record: "basic",
Tokenizer: "raw",
},
FieldMappings: []QuickwitFieldMapping{
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@idrissneumann I notice the logs containing json are multi lines, can you use https://pkg.go.dev/encoding/json#Compact to minify them and have them on the same line please

Issif
Issif reviewed Jan 24, 2024
View reviewed changes
outputs/quickwit.go Outdated Show resolved Hide resolved
@idrissneumann
feat(quickwit_output): implement the quickwit output
2e9f3f5 
Signed-off-by: Idriss Neumann <idriss.neumann@comwork.io>
@Issif
Copy link
Member

Issif commented Jan 24, 2024

/lgtm

@poiana poiana added the lgtm label Jan 24, 2024
@poiana
Copy link

poiana commented Jan 24, 2024

LGTM label has been added.

Git tree hash: 3e825a0c4cdb8f4ecb05220888d1e31dc6dbf281

@poiana
Copy link

poiana commented Jan 24, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: idrissneumann, Issif

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana merged commit 05932ae into falcosecurity:master Jan 24, 2024
5 checks passed
This was referenced Jan 24, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Issif Issif Issif approved these changes

@cpanato cpanato Awaiting requested review from cpanato

@fjogeleit fjogeleit Awaiting requested review from fjogeleit

@fmassot fmassot Awaiting requested review from fmassot

Assignees

@Issif Issif

Labels
approved area/outputs dco-signoff: yes kind/feature New feature or request lgtm size/XL
Projects
Falcosidekick 2.x
Status: Done
Milestone
2.29.0
Development

Successfully merging this pull request may close these issues.

Add quickwit as a log output
4 participants
@idrissneumann @poiana @Issif @fmassot