Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Elasticsearch GC logs ingestion from Docker logs #17164

Merged
merged 7 commits into from
Mar 24, 2020
Merged

Fix Elasticsearch GC logs ingestion from Docker logs #17164

merged 7 commits into from
Mar 24, 2020

Conversation

ycombinator
Copy link
Contributor

@ycombinator ycombinator commented Mar 20, 2020
edited by zube bot
Loading

What does this PR do?

This PR fixes the ingestion of Elasticsearch GC logs when Elasticsearch is running in Docker.

Why is it important?

Before this PR, the elasticsearch.gc fileset was collecting all Elasticsearch logs emitted by the Docker container running Elasticsearch.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works

Related issues

kesslerm and others added 2 commits March 20, 2020 11:18
@kesslerm @ycombinator
[Filebeat][elasticsearch] fix JSON lines picked up in gc.logs
5e779ce 
When used with docker autodiscover, the elasticsearch gc module
erroneously picks up JSON formatted line from docker's stdout.

Fix by excluding lines that start with `{`.
@ycombinator
Adding test files
265b2fd
@ycombinator ycombinator mentioned this pull request Mar 20, 2020
Closed
@ycombinator ycombinator requested a review from a team March 20, 2020 19:59
@elasticmachine
Copy link
Collaborator

Pinging @elastic/stack-monitoring (Stack monitoring)

@ycombinator ycombinator added module Team:Services (Deprecated) Label for the former Integrations-Services team labels Mar 20, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/integrations-services (Team:Services)

kaiyan-sheng
kaiyan-sheng approved these changes Mar 24, 2020
View reviewed changes
Copy link
Contributor

@kaiyan-sheng kaiyan-sheng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good now! Thanks!

@ycombinator
Copy link
Contributor Author

Travis CI is green and Jenkins CI failures are unrelated. Merging.

@ycombinator ycombinator merged commit 389aba7 into elastic:master Mar 24, 2020
@ycombinator ycombinator deleted the fb-es-gc-docker branch March 24, 2020 14:31
@ycombinator ycombinator mentioned this pull request Mar 24, 2020
Merged
ycombinator added a commit to ycombinator/beats that referenced this pull request Mar 24, 2020
@ycombinator @kesslerm
Fix Elasticsearch GC logs ingestion from Docker logs (elastic#17164)
4eeaeee 
* [Filebeat][elasticsearch] fix JSON lines picked up in gc.logs

When used with docker autodiscover, the elasticsearch gc module
erroneously picks up JSON formatted line from docker's stdout.

Fix by excluding lines that start with `{`.

* Adding test files

* Adding CHANGELOG entry

* Moving test files to correct fileset

* Introduce GC log entry in test fixture + golden file

* Make sure multiline pattern excludes lines starting with {

* Fixing golden file

Co-authored-by: Magnus Kessler <magnus.kessler@elastic.co>
@ycombinator ycombinator mentioned this pull request Mar 24, 2020
Merged
@ycombinator ycombinator removed the needs_backport PR is waiting to be backported to other branches. label Mar 24, 2020
ycombinator added a commit that referenced this pull request Mar 24, 2020
@ycombinator @kesslerm
Fix Elasticsearch GC logs ingestion from Docker logs (#17164) (#17206)
36666d8 
* [Filebeat][elasticsearch] fix JSON lines picked up in gc.logs

When used with docker autodiscover, the elasticsearch gc module
erroneously picks up JSON formatted line from docker's stdout.

Fix by excluding lines that start with `{`.

* Adding test files

* Adding CHANGELOG entry

* Moving test files to correct fileset

* Introduce GC log entry in test fixture + golden file

* Make sure multiline pattern excludes lines starting with {

* Fixing golden file

Co-authored-by: Magnus Kessler <magnus.kessler@elastic.co>

Co-authored-by: Magnus Kessler <magnus.kessler@elastic.co>
ycombinator added a commit to ycombinator/beats that referenced this pull request Mar 25, 2020
@ycombinator @kesslerm
Fix Elasticsearch GC logs ingestion from Docker logs (elastic#17164)
0e72c98 
* [Filebeat][elasticsearch] fix JSON lines picked up in gc.logs

When used with docker autodiscover, the elasticsearch gc module
erroneously picks up JSON formatted line from docker's stdout.

Fix by excluding lines that start with `{`.

* Adding test files

* Adding CHANGELOG entry

* Moving test files to correct fileset

* Introduce GC log entry in test fixture + golden file

* Make sure multiline pattern excludes lines starting with {

* Fixing golden file

Co-authored-by: Magnus Kessler <magnus.kessler@elastic.co>
ycombinator added a commit that referenced this pull request Mar 25, 2020
@ycombinator @kesslerm
[7.6] Fix Elasticsearch GC logs ingestion from Docker logs (#17164) (#…
d57bcf8 
…17207)

* Fix Elasticsearch GC logs ingestion from Docker logs (#17164)

* [Filebeat][elasticsearch] fix JSON lines picked up in gc.logs

When used with docker autodiscover, the elasticsearch gc module
erroneously picks up JSON formatted line from docker's stdout.

Fix by excluding lines that start with `{`.

* Adding test files

* Adding CHANGELOG entry

* Moving test files to correct fileset

* Introduce GC log entry in test fixture + golden file

* Make sure multiline pattern excludes lines starting with {

* Fixing golden file

Co-authored-by: Magnus Kessler <magnus.kessler@elastic.co>

* Cleaning up CHANGELOG

* Removing event.{kind,category,type} fields (only available starting 7.7)

Co-authored-by: Magnus Kessler <magnus.kessler@elastic.co>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaiyan-sheng kaiyan-sheng kaiyan-sheng approved these changes

Assignees
No one assigned
Labels
bug Feature:Stack Monitoring Filebeat Filebeat module Team:Services (Deprecated) Label for the former Integrations-Services team v7.6.3 v7.7.0 v8.0.0
Projects
None yet
Milestone
No milestone
5 participants
@ycombinator @elasticmachine @kaiyan-sheng @andresrc @kesslerm