Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Filebeat] Adding wildcard support for log_group_name in cloudwatch input #21528

Closed
srolskyi opened this issue Oct 5, 2020 · 6 comments · Fixed by #26187
Closed

[Filebeat] Adding wildcard support for log_group_name in cloudwatch input #21528

srolskyi opened this issue Oct 5, 2020 · 6 comments · Fixed by #26187
Assignees
@kaiyan-sheng
Labels
enhancement size/M Team:Platforms Label for the Integrations - Platforms team

Comments

@srolskyi
Copy link

srolskyi commented Oct 5, 2020

Find awscloudwatch log groups by discovery(pattern)

For example I have ~400 log_groups and I should to parse only ~70
My log_group contain some similar names like:

/development/application/api-south
/development/application/api-west
/development/application/web-south
.....

My filebeat.yml configuration:

- type: awscloudwatch
  access_key_id: 0000000000000000000
  secret_access_key: 0000000000000000000
  log_group_name: /development/application/
  region_name: us-east-1
  scan_frequency: 10s
  start_position: beginning

Got an error:

2020-10-05T14:36:28.816Z	INFO	[awscloudwatch]	awscloudwatch/input.go:125	awscloudwatch input worker for log group: '/development/application/' has started
2020-10-05T14:36:28.816Z	INFO	[crawler]	beater/crawler.go:108	Loading and starting Inputs completed. Enabled inputs: 1
2020-10-05T14:36:28.816Z	INFO	cfgfile/reload.go:164	Config reloader started
2020-10-05T14:36:28.816Z	INFO	cfgfile/reload.go:224	Loading of config files completed.
2020-10-05T14:36:29.337Z	ERROR	[awscloudwatch]	awscloudwatch/input.go:189	failed FilterLogEventsRequestResourceNotFoundException: The specified log group does not exist.
	status code: 400, request id: 6fb32149-c2d1-49e3-9f41-f5a30810fae3

If I set: log_group_name: /development/application/* have similar issue:

getLogEventsFromCloudWatch failed: InvalidParameterException: 1 validation error detected: Value ':/development/application/*' at 'logGroupName' failed to satisfy constraint: Member must satisfy regular expression pattern: [\.\-_/#A-Za-z0-9]+

So for my configuration, I must set up 70 input configurations (for each log_group)? Or I lost something and I may use some special pattern?
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Oct 5, 2020
@andresrc andresrc added the Team:Platforms Label for the Integrations - Platforms team label Oct 6, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/integrations-platforms (Team:Platforms)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Oct 6, 2020
@kaiyan-sheng kaiyan-sheng self-assigned this Oct 6, 2020
@kaiyan-sheng
Copy link
Contributor

@srolskyi Thank you for reaching out! Yes we currently don't have the support for using wildcard in log_group_name config yet. I will use this issue to track the work for adding * support for log_group_name.

@EmViKay
Copy link

EmViKay commented Oct 7, 2020

@kaiyan-sheng we have the same issue.
Do you have some deadline for this task?

@kaiyan-sheng kaiyan-sheng changed the title [Filebeat] - input [awscloudwatch] The specified log group does not exist. [Filebeat] Adding wildcard support for log_group_name in cloudwatch input Dec 2, 2020
@masci masci added the size/M label Dec 17, 2020
@EmViKay
Copy link

EmViKay commented Mar 22, 2021

any updates? :)

@sunilmchaudhari
Copy link

Hi,
Any ETA for this?
when can we have this feature?

@kaiyan-sheng kaiyan-sheng mentioned this issue Jun 7, 2021
Merged
6 tasks
@kaiyan-sheng kaiyan-sheng mentioned this issue Jun 28, 2021
Merged
6 tasks
@chyeyun chyeyun mentioned this issue Nov 17, 2021
Closed
@chyeyun
Copy link

chyeyun commented Nov 17, 2021

@kaiyan-sheng
Hello, This is Hyeyun. I opened the issue case #29006 about that 'log_group_name_prefix' doesn't work.
Could you check that issue, please? Thank you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kaiyan-sheng kaiyan-sheng

Labels
enhancement size/M Team:Platforms Label for the Integrations - Platforms team
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add log_group_name_prefix config option for aws-cloudwatch input
8 participants
@masci @andresrc @kaiyan-sheng @elasticmachine @sunilmchaudhari @EmViKay @srolskyi @chyeyun