Heroku already includes a `desc` field in request logs with an error code

Financial-Times / splunk-heroku

Support for Heroku log drains packaged as a Splunk app.

https://tech.in.ft.com/tech-topics/logging/splunk/logging-from-heroku

MIT License

2 stars 0 forks source link

Heroku already includes a `desc` field in request logs with an error code #27

Closed sjparkinson closed 2 years ago

sjparkinson commented 2 years ago

Looking at some request logs with error codes, the lookup for a description is running, but the field is added as desc not as code_desc.

https://github.com/Financial-Times/splunk-heroku/blob/9e515cbdf25d53118b16cbb90d7b55febbced95d/app/default/props.conf#L32-L33

sjparkinson commented 2 years ago

It's even more unexpected!

It seems like a desc field is added to the _raw message, or already exists as set by Heroku. And a code_desc is added as a field, but not shown in the message.

sjparkinson commented 2 years ago

Ah so from https://devcenter.heroku.com/articles/error-codes, it looks like Heroku do now include a desc field in the logs. We can delete this lookup as it's duplication.

sjparkinson commented 2 years ago

Resolved in https://github.com/Financial-Times/splunk-heroku/commit/8b16dc7d91e76dfdd0bfc38f31877257449420a7.