I have a 3rd party application which generates logs and I'm trying to send these logs to Elastic. An example of a log entry with stacktrace is:
[2025-03-10T13:08:02.101] [Error] [2919984931741608162359] Setting Attribute Error: C:\data\cdata\TestClient1\Receive\Vulnerability Patch Policy Rock-IT (A14).docx
    at java.base/sun.nio.fs.WindowsException.translateToIOException(Unknown Source)
    at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(Unknown Source)
    at java.base/sun.nio.fs.WindowsException.rethrowAsIOException(Unknown Source)
    at java.base/sun.nio.fs.WindowsFileAttributeViews$Basic.setFileTimes(Unknown Source)
    at java.base/sun.nio.fs.WindowsFileAttributeViews$Basic.setTimes(Unknown Source)
    at java.base/sun.nio.fs.AbstractBasicFileAttributeView.setAttribute(Unknown Source)
    at java.base/sun.nio.fs.AbstractFileSystemProvider.setAttribute(Unknown Source)
    at java.base/java.nio.file.Files.setAttribute(Unknown Source)
    at arc.connectors.sftpserver.a$e.a(Unknown Source)
    at arc.connectors.sftpserver.a.b(Unknown Source)
    at XcoreXarcX243X9159.lxc.a(Unknown Source)
    at XcoreXarcX243X9159.mw.b(Unknown Source)
    at XcoreXarcX243X9159.jw.a(Unknown Source)
    at XcoreXarcX243X9159.jw.a(Unknown Source)
    at XcoreXarcX243X9159.jw.p(Unknown Source)
    at XcoreXarcX243X9159.jw.i(Unknown Source)
    at XcoreXarcX243X9159.jw.s(Unknown Source)
    at XcoreXarcX243X9159.jw.r(Unknown Source)
    at XcoreXarcX243X9159.jw.a(Unknown Source)
    at XcoreXarcX243X9159.fv.e(Unknown Source)
    at XcoreXarcX243X9159.iv.e(Unknown Source)
    at XcoreXarcX243X9159.fv.a(Unknown Source)
    at XcoreXarcX243X9159.iv.a(Unknown Source)
    at XcoreXarcX243X9159.dp.c(Unknown Source)
    at XcoreXarcX243X9159.dp$1.a(Unknown Source)
    at XcoreXarcX243X9159.ep$a.a(Unknown Source)
    at XcoreXarcX243X9159.ep$a.o(Unknown Source)
    at XcoreXarcX243X9159.ep$a.run(Unknown Source)
    at java.base/java.lang.Thread.run(Unknown Source)
I am trying to parse the first rule with regex to get the timestamp, severity and the log message. The log message should be all log lines combined. This is my config:
receivers:
  filelog:
    include: [ /logs/*.log ]
    include_file_path: true
    include_file_name: false
    operators:
      - id: parser_firstrule
        regex: '\[(?P<time>[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3})] \[(?P<sev>[A-z]*)] \[(?P<something>[0-9]*)] (?P<msg>.*)'
        type: regex_parser
        timestamp:
          parse_from: attributes.time
          layout: '%Y-%m-%dT%H:%M:%S.%L'
        severity:
          parse_from: attributes.sev
      - type: recombine
        combine_field: body
        is_first_entry: body matches "^[^\\s]"
        source_identifier: attributes["log.file.path"]
Parsing single log lines works (no stacktraces). However, when trying to parse stacktrace logs I get the error:
2025-03-19T12:23:23.712Z error helper/transformer.go:100 Failed to process entry {"kind": "receiver", "name": "filelog", "data_type": "logs", "operator_id": "parser_firstrule", "operator_type": "regex_parser", "error": "regex pattern does not match", "action": "send"}
2025-03-19T12:23:23.712755177Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/operator/helper.(*TransformerOperator).HandleEntryError
2025-03-19T12:23:23.712759571Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/operator/helper/transformer.go:100
2025-03-19T12:23:23.712762643Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/operator/helper.(*ParserOperator).ParseWith
2025-03-19T12:23:23.712777721Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/operator/helper/parser.go:142
2025-03-19T12:23:23.712780155Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/operator/helper.(*ParserOperator).ProcessWithCallback
2025-03-19T12:23:23.712782543Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/operator/helper/parser.go:111
2025-03-19T12:23:23.712785021Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/operator/helper.(*ParserOperator).ProcessWith
2025-03-19T12:23:23.712787421Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/operator/helper/parser.go:98
2025-03-19T12:23:23.712789802Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/operator/parser/regex.(*Parser).Process
2025-03-19T12:23:23.712792208Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/operator/parser/regex/parser.go:31
2025-03-19T12:23:23.712794965Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/operator/helper.(*WriterOperator).Write
2025-03-19T12:23:23.712797368Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/operator/helper/writer.go:54
2025-03-19T12:23:23.712804706Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/operator/input/file.(*Input).emit
2025-03-19T12:23:23.712812597Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/operator/input/file/input.go:55
2025-03-19T12:23:23.712820222Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer/internal/reader.(*Reader).readContents
2025-03-19T12:23:23.712830624Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/fileconsumer/internal/reader/reader.go:212
2025-03-19T12:23:23.712839460Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer/internal/reader.(*Reader).ReadToEnd
2025-03-19T12:23:23.712847812Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/fileconsumer/internal/reader/reader.go:114
2025-03-19T12:23:23.712856214Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).consume.func1
2025-03-19T12:23:23.712864869Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/fileconsumer/file.go:169
2025-03-19T12:23:23.712873935Z 2025-03-19T12:23:23.712Z error reader/reader.go:214 failed to process token {"kind": "receiver", "name": "filelog", "data_type": "logs", "component": "fileconsumer", "path": "/logs/LT-220704-009.KKFHE3M6.23424.454593194.Arc.SFTPServer.2025-03-10.log", "error": "regex pattern does not match"}
2025-03-19T12:23:23.712886715Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer/internal/reader.(*Reader).readContents
2025-03-19T12:23:23.712895751Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/fileconsumer/internal/reader/reader.go:214
2025-03-19T12:23:23.712904651Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer/internal/reader.(*Reader).ReadToEnd
2025-03-19T12:23:23.712923058Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/fileconsumer/internal/reader/reader.go:114
2025-03-19T12:23:23.712931415Z github/open-telemetry/opentelemetry-collector-contrib/pkg/stanza/fileconsumer.(*Manager).consume.func1
2025-03-19T12:23:23.712940195Z github/open-telemetry/opentelemetry-collector-contrib/pkg/[email protected]/fileconsumer/file.go:169
...
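In the posted config the `regex_parser` is listed before `recombine`, and the collector trace shows the file input handing entries straight to `parser_firstrule`, so every stack-frame line reaches the regex on its own. The Go sketch below is an added example, not part of the original post and not the collector's code: it simulates both operators with Go's `regexp` package to show the effect of recombining first, and of prepending `(?s)^` so that `msg` can span the joined lines; `recombine`, `parse` and the sample lines are constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
)

// The question's pattern with "(?s)^" prepended: (?s) lets msg span newlines.
var entryRe = regexp.MustCompile(`(?s)^\[(?P<time>[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3})] \[(?P<sev>[A-z]*)] \[(?P<something>[0-9]*)] (?P<msg>.*)`)
// Same test as is_first_entry in the question: non-whitespace first character.
var firstLine = regexp.MustCompile(`^[^\s]`)

// recombine appends continuation lines to the entry opened by the last first line.
func recombine(lines []string) []string {
	var entries []string
	for _, l := range lines {
		if firstLine.MatchString(l) || len(entries) == 0 {
			entries = append(entries, l)
		} else {
			entries[len(entries)-1] += "\n" + l
		}
	}
	return entries
}

// parse returns the sev and msg captures, or ok=false when the pattern fails.
func parse(body string) (sev, msg string, ok bool) {
	m := entryRe.FindStringSubmatch(body)
	if m == nil {
		return "", "", false
	}
	return m[entryRe.SubexpIndex("sev")], m[entryRe.SubexpIndex("msg")], true
}

var sample = []string{ // constructed sample shaped like the question's entry
	"[2025-03-10T13:08:02.101] [Error] [1] Setting Attribute Error: C:\\data\\a.docx",
	"\tat java.base/java.nio.file.Files.setAttribute(Unknown Source)",
	"\tat java.base/java.lang.Thread.run(Unknown Source)",
	"[2025-03-10T13:08:03.000] [Info] [2] Upload complete",
}

func main() {
	_, _, ok := parse(sample[1]) // a stack frame on its own, as the parser saw it
	fmt.Println("frame alone matches:", ok)
	for _, e := range recombine(sample) { // recombine first, then parse
		sev, msg, ok := parse(e)
		fmt.Printf("%v %s %q\n", ok, sev, msg)
	}
}
```

Without the `(?s)` flag the pattern still matches a recombined entry, but `.` stops at the first newline and `msg` holds only the first line.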