New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[HAProxy] Fix the Grok pattern for parsing TCP logs #8255
Conversation
🌐 Coverage report
|
packages/haproxy/data_stream/log/elasticsearch/ingest_pipeline/default.yml
Show resolved
Hide resolved
haproxy log format is only TCP? Or is it one of them? |
@ishleenk17 HAProxy supports multiple log formats, TCP is just one of them. |
Testing DetailsTest Case Scenarios
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is cristal clear!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
Package haproxy - 1.10.1 containing this change is available at https://epr.elastic.co/search?package=haproxy |
It is still not OK! I suggested a new GROK pattern |
Proposed commit message
The PR contains changes to fix the Grok Pattern for parsing the HAProxy TCP logs. Currently, the Grok patterns in the ingest pipelines don't conform to the official TCP log format. The change is in the existing Grok pattern to add some optional fields, as well some sample raw logs for the ingest pipeline tests.
Checklist
changelog.yml
file.Author's Checklist
How to test this PR locally
elastic-package
elastic-package test pipeline -v
from the integrations/packages/haproxy directoryRelated issues