Comments (34)
I created a branch multiple-logfiles
and pushed an initial implementation. It works in a quick manual test on my machine, but it's not tested extensively.
The config is pretty simple: Set config_version: 3
, and use inputs
instead of input
. Within inputs
you can put a list of inputs, like this:
global:
config_version: 3
inputs:
- type: file
path: ./example/exim-rejected-RCPT-examples.log
- type: file
path: ./example/exim-rejected-RCPT-examples2.log
...
By default, a new label input
is added automatically to each metric containing the path of the config file (you can reconfigure that using input_label_name
in the global
section and input_label_value
in the inputs
section, see test code for examples).
Apart from tests, there are still some things to figure out.
- Would it be useful to support wildcards for file names in the config?
- Should metrics be restricted to specific files (as of now, all metrics are matched with all files)?
If you have feedback, please comment here.
from grok_exporter.
I should really start working on it. I hope there will be some time for it in February.
from grok_exporter.
Please don't use the multiple-logfiles
branch. I started working on this on the master branch, and the implementation will not be based on that branch. Current status:
- All file tailers now support multiple log files.
- The pattern matcher still reads log lines from the old file tailer interface. Difference is that currently the tailer produces lines, the new tailer produces line/filename tuples. Need to use the new interface in the matcher.
- Need tests (there are some corner cases, like moving a logfile so that it is still watched after the move, moving a logfile overwriting another logfile, etc)
- When all tests are green, expose the new functionality in the config.
I currently manage to do one small commit per evening, if I keep this up it should be done in two weeks or so.
from grok_exporter.
Not yet, but I hope soon. I know I am saying this for a long time now, but with two small children even finding a free hour for hobby software projects can be challenging. I am positive that I will start working on grok_exporter
regularly again, but I think I need to stop making promises as to when this will be (I think it's probably in the next month, but I thought that before and it didn't work out yet...)
from grok_exporter.
Looking forward to this feature.
from grok_exporter.
I do not need wildcards but metrics per file is what I need.
from grok_exporter.
Looking forward to wild card support too!
from grok_exporter.
Hi,
I think grok_exporter deserves a wildcard support for Kubernetes use case: all my logs on the node are in /var/log/containers and I need to extract metrics from logs generated by a deployment (which is, pods starting with a common prefix). All the logs are named after the pod and therefore have a common prefix and a variable suffix each time I redeploy or a new pod is scheduled.
Telegraf currently does support a path with a wildcard, but I find this product too much overkilled.
It would be wonderful if you could get us a viable alternative to the InfluxData product.
Thanks
from grok_exporter.
Can't wait for this! 👍
from grok_exporter.
Currently grok_exporter only supports a single file, so if you want to monitor multiple files you need to start multiple grok_exporter instances. However, I plan to implement support for multiple log files within the next few weeks, as soon as I find the time. I'm leaving this issue open until it's done.
from grok_exporter.
Currently grok_exporter only supports a single file...
Which makes most sense in sidecar use-case 👍
from grok_exporter.
In case anyone wonders why this is not supported yet: Implementing support for multiple log files might require only a few code changes, but there could be unexpected side effects and corner cases, so I would like to implement an extensive automated test first:
- What if events on different files occur at the same time? Are there any races or timing issues?
- What if a file being monitored is renamed, overwriting another file that is also being monitored?
- What are the implications if multiple files are on different filesystems vs on the same filesystem?
- ... there are many more things that should be tested
My plan is to write automated tests first, and then implement support for monitoring multiple files. I will only release it if I am sure it works even with strange corner cases. It might take another few weeks until I find the time.
from grok_exporter.
@fstab thanks, sounds great! I agree watching multiple files isn't trivial to get right. Prometheus at least should contain some sample code that does this for file_sd_configs
used with wildcards, for the filesystem-related part that is.
from grok_exporter.
@fstab is this still WIP? Is there like an "early access branch"?
from grok_exporter.
It's still WIP, but I currently have very limited time. As soon as I find the time it will be the first feature I will work on (except there are bugs, bugs have higher priority). I am hoping I will find some time around Easter, but I can't really promise it. If someone wants to help out and create a pull request: please go ahead!
from grok_exporter.
@fstab Thank you for your work on this.
Regarding your questions :
-
I think wildcards are a nice feature
-
Matches should be specified per file, as "error" in a file might not be interesting, or it might be that in a file "error" is counter and in another file is a gauge.
from grok_exporter.
Hi @fstab
Would it be useful to support wildcards for file names in the config?
Should metrics be restricted to specific files (as of now, all metrics are matched with all files)?
I think having a folder and setting a wild card like "*.log" would be a better solution since the application log rotation settings sometimes zip the older logs. and they create logs with a timestamp appended to the file name, like appliction-9999_12_30_12:00:00.log
from grok_exporter.
Wildcards would be very useful. Besides it would be great to specify wildcards for directories too.
Something like: /var/log/nginx/*/*.log
from grok_exporter.
Hi =) Any progress with the subject? It would be very useful feature.
from grok_exporter.
Hi @fstab Is this feature already implemented ?
from grok_exporter.
I created a branch
multiple-logfiles
and pushed an initial implementation. It works in a quick manual test on my machine, but it's not tested extensively.The config is pretty simple: Set
config_version: 3
, and useinputs
instead ofinput
. Withininputs
you can put a list of inputs, like this:global: config_version: 3 inputs: - type: file path: ./example/exim-rejected-RCPT-examples.log - type: file path: ./example/exim-rejected-RCPT-examples2.log ...By default, a new label
input
is added automatically to each metric containing the path of the config file (you can reconfigure that usinginput_label_name
in theglobal
section andinput_label_value
in theinputs
section, see test code for examples).Apart from tests, there are still some things to figure out.
- Would it be useful to support wildcards for file names in the config?
- Should metrics be restricted to specific files (as of now, all metrics are matched with all files)?
If you have feedback, please comment here.
Does multiple-logfiles branch support "fail_on_missing_logfile: false/true"? I tried it locally and grok exporter still fails to start even if fail_on_missing_logfile is set to false. Is there any way we can get around with this?
from grok_exporter.
Hey @fstab
I just had a related question. Log files I am trying to export data from have day's date in them and they rotate daily. I wanted to tail the latest file - say access-20190410.log. Is there a workaround to do so.
Thanks,
Sandeep
from grok_exporter.
@sandeepdharembra you are commenting in the right ticket. When this ticket is done grok_exporter
will support wildcards, like access-*.log
. This will monitor all files (not just the latest), but as long as no process writes to the old files it will do what you want. However, I'm afraid you need to wait until this ticket is done.
from grok_exporter.
Hi,is it in progress that metrics may define filters to specify which files they apply to?it is really useful when multiple files are supported.
from grok_exporter.
Hi, is this available only on the multiple-logfiles branch? I need to configure only a list of inputs with two files.
from grok_exporter.
Please don't use this branch but start two grok_exporter
instances instead. I'm still planning to finish support for multiple config files, but it will not be based on this branch.
from grok_exporter.
@fstab Is this feature already implemented ? Or which branch should I use?
from grok_exporter.
The last comment is still valid:
start two grok_exporter instances. I'm still planning to finish support for multiple config files, but it will not be based on this branch.
from grok_exporter.
Good news: I just pushed an implementation that supports wildcards. Sorry that it took so long. I will need to add a few tests before building a release. If you want to try it, you can build the master
branch from source.
The input
section now supports wildcards in path
, but only on the file level, not on a directory level. If you want more than one path, you can replace path
with paths
and configure a list of paths (they also may contain wildcards).
By default, the metrics are applied to all log files. If you want to restrict a metric to one or more specific paths, you can add a path
or paths
option to a metric configuration. This is like a filter, the metric is then only applied when the path matches.
I will describe it more detailed when I update the documentation.
from grok_exporter.
Updated documentation is on the release
branch https://github.com/fstab/grok_exporter/blob/release/CONFIG.md
from grok_exporter.
Released it as v1.0.0.RC1. Documentation is merged to master
. Please open a new issue if there are any problems with multiple log file support.
from grok_exporter.
Thanks !
from grok_exporter.
from grok_exporter.
from grok_exporter.
Related Issues (20)
- Feature Request: Option to specify ciphers or minimum TLS version HOT 2
- fail_on_missing_logfile for missing directories HOT 3
- Feature Request : Config option to expose metrics as a .prom file
- Issue reading Multiple files:
- how to match regex upper case/lower case insensitively
- Is grok able to watch only the latest log in dir?
- how to use regex group match and use matched group name label? HOT 1
- Can the latest version cover multi-line pattern match?
- if string exists HOT 7
- Use Gauge metric to find DB connectivity status HOT 1
- Exclude char HOT 2
- Does it support Elastic Search Open Distro HOT 1
- Configure for AWS ALB/CLB Logs or Cloudfront
- grok timestamp diffrent
- grok fails on insufficient permissions when fail_on_missing_logfile is false
- mutiple depth doc support HOT 1
- How can I use FuncMap to help transform data from the log, inside a template?
- Always report counter metric (initialize to zero) HOT 1
- match fails after encountering binary text within file
- Update or let someone else maintain this repo HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from grok_exporter.