New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RHDEVDOCS-3217 Tweaks to JSON parsing topics #35248
Conversation
rolfedh
commented
Aug 5, 2021
•
edited
edited
- Aligned team: Dev Tools
- For branches: 4.7+
- Jira: https://issues.redhat.com/browse/RHDEVDOCS-3217
- Direct link to doc preview: https://deploy-preview-35248--osdocs.netlify.app/openshift-enterprise/latest/logging/cluster-logging-enabling-json-logging.html
- FYI: @alanconway
- SME review: @sichvoge
- QE review: @kabirbhartiRH
- Peer review: @ tbd
✔️ Deploy Preview for osdocs ready! 🔨 Explore the source changes: 4dc7ccf 🔍 Inspect the deploy log: https://app.netlify.com/sites/osdocs/deploys/610c2edb758f3d00085d82b5 😎 Browse the preview: https://deploy-preview-35248--osdocs.netlify.app |
modules/cluster-logging-configuration-of-json-log-data-for-default-elasticsearch.adoc
Outdated
Show resolved
Hide resolved
modules/cluster-logging-configuration-of-json-log-data-for-default-elasticsearch.adoc
Outdated
Show resolved
Hide resolved
modules/cluster-logging-configuration-of-json-log-data-for-default-elasticsearch.adoc
Outdated
Show resolved
Hide resolved
Updated to say "follow schemas" |
@sichvoge Thank you for your comments! This helps. Please review, comment, and/or approve. |
/lgtm |
/lgtm |
@@ -1,7 +1,14 @@ | |||
[id="cluster-logging-forwarding-json-logs-to-the-default-elasticsearch_{context}"] | |||
= Forwarding JSON logs to the Elasticsearch log store | |||
|
|||
For the Elasticsearch log store that OpenShift Logging manages, you must create a different index for each format in advance if your JSON log entries _have different formats_. Otherwise, forwarding different formats to the same index can cause type conflicts and cardinality problems. | |||
For an Elasticsearch log store, if your JSON log entries _follow different schemas_, configure the `ClusterLogForwarder` custom resource (CR) to group each JSON schema into a single output definition. This way, Elasticsearch uses a separate index for each schema. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think the emphasis on "follow different schemas" is necessary. But I see it was similarly done in the previous text, so I won't hold up the PR over it or anything.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't want users to fuss over this procedure if their JSON log entries all follow one schema. I'd welcome suggestions on a better way to word this.
modules/cluster-logging-forwarding-json-logs-to-the-default-elasticsearch.adoc
Outdated
Show resolved
Hide resolved
New changes are detected. LGTM label has been removed. |
/cherrypick enterprise-4.9 |
/cherrypick enterprise-4.8 |
/cherrypick enterprise-4.7 |
@bergerhoffer: new pull request created: #35262 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@bergerhoffer: new pull request created: #35263 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@bergerhoffer: #35248 failed to apply on top of branch "enterprise-4.7":
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@@ -16,7 +16,7 @@ OpenShift Logging aggregates the following types of logs: | |||
|
|||
* `application` - Container logs generated by user applications running in the cluster, except infrastructure container applications. | |||
* `infrastructure` - Logs generated by infrastructure components running in the cluster and {product-title} nodes, such as journal logs. Infrastructure components are pods that run in the `openshift*`, `kube*`, or `default` projects. | |||
* `audit` - Logs generated by auditd, the node audit system, which are stored in the */var/log/audit/audit.log* file, and the audit logs from the Kubernetes apiserver and the OpenShift apiserver. | |||
* `audit` - Logs generated by auditd, the node audit system, which are stored in the */var/log/audit/audit.log* file, and the audit logs from the Kubernetes apiserver and the OpenShift apiserver. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here, I removed an errant space. @bergerhoffer