【发布时间】:2019-07-14 08:23:51
【问题描述】:
我正在使用最新的 Fluentd /td-agent。如何过滤从 Fluentd 流式传输到 Elasticsearch 的活跃度、就绪性健康检查?我也想排除 fluent.trace。从 Kibana 看到的示例输出:
{
"_index": "aspnetapistarter.logs-2019.07.14",
"_type": "_doc",
"_id": "zFSL72sBodUyUY6Nychc",
"_version": 1,
"_score": null,
"_source": {
"@timestamp": "2019-07-14T08:13:59.1083593+00:00",
"level": "Information",
"messageTemplate": "{HostingRequestStartingLog:l}",
"message": "Request starting HTTP/1.1 GET http://10.1.1.55:5000/health/live ",
"fields": {
"Protocol": "HTTP/1.1",
"Method": "GET",
"ContentType": null,
"ContentLength": null,
"Scheme": "http",
"Host": "10.1.1.55:5000",
"PathBase": "",
"Path": "/health/live",
"QueryString": "",
"HostingRequestStartingLog": "Request starting HTTP/1.1 GET http://10.1.1.55:5000/health/live ",
"EventId": {
"Id": 1
},
"SourceContext": "Microsoft.AspNetCore.Hosting.Internal.WebHost",
"RequestId": "0HLO86B34CTB4:00000001",
"RequestPath": "/health/live",
"CorrelationId": null,
"ConnectionId": "0HLO86B34CTB4"
},
"renderings": {
"HostingRequestStartingLog": [
{
"Format": "l",
"Rendering": "Request starting HTTP/1.1 GET http://10.1.1.55:5000/health/live "
}
]
},
"tag": "aspnetcore"
},
"fields": {
"@timestamp": [
"2019-07-14T08:13:59.108Z"
]
},
"sort": [
1563092039108
]
}
我试过了,但是不行:
<filter fluent.*>
@type grep
<exclude>
key tag
pattern fluent.trace
</exclude>
</filter>
<filter aspnetcore-access>
@type grep
<exclude>
key fields.Path
pattern health
</exclude>
</filter>
<filter aspnetcore-access>
@type grep
<exclude>
key fields.RequestPath
pattern health
</exclude>
</filter>
谢谢。 WTF 是这样的:“看起来你的帖子主要是代码;请添加更多细节。”
【问题讨论】:
标签: elasticsearch logging filter kubernetes fluentd