Enrich logs with Container and Kubernetes tags/labels #158

otisg · 2019-04-04T15:27:39Z

So one can filter by them.

megastef · 2020-02-19T18:57:58Z

Closing. Logagent has very rich k8s and container meta-data. See the example below.

{
  "@timestamp": "2020-02-19T18:52:07.098Z",
  "message": "2020-02-19T18:52:07.098Z v3.0.15 pid[25] Error in Elasticsearch request:  ...",
  "severity": "error",
  "os": {
    "host": "ip-XX-X-X-XXX"
  },
  "logSource": "sha256:c2ba71d336b3ef9a4210aba7e698cfd87c8cacbd435f7faf4cffe627198ca126_k8s_logs-heroku-receiver_logs-heroku-receiver-678fffbf56-nt578_default_3bd925d8-906b-4e5d-ba6c-196048f1be68_0_6aeb2cf21fc6",
  "container": {
    "id": "6aeb2cf21fc670ba6235651a4195f07e357c5b05909db840c7c9984badea8806",
    "type": "docker",
    "name": "k8s_logs-heroku-receiver_logs-heroku-receiver-678fffbf56-nt578_default_3bd925d8-906b-4e5d-ba6c-196048f1be68_0",
    "image": {
      "name": "sematext/logagent",
      "tag": "3.0.15",
      "digest": "sha256:c2ba71d336b3ef9a4210aba7e698cfd87c8cacbd435f7faf4cffe627198ca126"
    },
    "host": {
      "hostname": "ip-XX-X-X-XXX"
    }
  },
  "labels": {
    "io_kubernetes_container_logpath": "/var/log/pods/default_logs-heroku-receiver-678fffbf56-nt578_3bd925d8-906b-4e5d-ba6c-196048f1be68/logs-heroku-receiver/0.log",
    "io_kubernetes_container_name": "logs-heroku-receiver",
    "io_kubernetes_docker_type": "container",
    "io_kubernetes_pod_name": "logs-heroku-receiver-678fffbf56-nt578",
    "io_kubernetes_pod_namespace": "default",
    "io_kubernetes_pod_uid": "3bd925d8-906b-4e5d-ba6c-196048f1be68",
    "io_kubernetes_sandbox_id": "68f11e64187baaf14329c93b7a934e255006105d22df250e383a40c5d5660943",
    "annotation_io_kubernetes_container_hash": "fddfb4eb",
    "annotation_io_kubernetes_container_ports": "[{\"name\":\"http\",\"containerPort\":8080,\"protocol\":\"TCP\"}]",
    "annotation_io_kubernetes_container_restartCount": "0",
    "annotation_io_kubernetes_container_terminationMessagePath": "/dev/termination-log",
    "annotation_io_kubernetes_container_terminationMessagePolicy": "File",
    "annotation_io_kubernetes_pod_terminationGracePeriod": "30"
  },
  "kubernetes": {
    "pod": {
      "name": "logs-heroku-receiver-678fffbf56-nt578",
      "uid": "3bd925d8-906b-4e5d-ba6c-196048f1be68",
      "container": {
        "name": "logs-heroku-receiver"
      }
    },
    "namespace": "default"
  },
  "@timestamp_received": "2020-02-19T18:52:09.281Z",
  "logsene_orig_type": "logs"
}

otisg changed the title ~~Enrich logs with Container and Kubernetes tabs/labels~~ Enrich logs with Container and Kubernetes tags/labels Apr 4, 2019

otisg mentioned this issue Apr 12, 2019

Collect tags from the environment #128

Open

megastef closed this as completed Feb 19, 2020

mikolajroszak mentioned this issue Mar 19, 2024

[Snyk] Upgrade flat from 5.0.2 to 6.0.1 mikolajroszak/logagent-js#7

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enrich logs with Container and Kubernetes tags/labels #158

Enrich logs with Container and Kubernetes tags/labels #158

otisg commented Apr 4, 2019

megastef commented Feb 19, 2020

Enrich logs with Container and Kubernetes tags/labels #158

Enrich logs with Container and Kubernetes tags/labels #158

Comments

otisg commented Apr 4, 2019

megastef commented Feb 19, 2020