Closed laghao closed 4 years ago
Hi, I'm using fluentd-plugin-detect-exception to parse and ship logs to AWS-Cloudwatch using a patched version of "fluentd-kubernetes-daemonset" Docker Hub tag: adessoasaservice / fluentd-kubernetes-daemonset:v1.7.3-debian-cloudwatch-exception-1.0
having following gems:
gem "fluentd", "1.7.3" gem "oj", "3.8.1" gem "fluent-plugin-multi-format-parser", "~> 1.0.0" gem "fluent-plugin-concat", "~> 2.3.0" gem "fluent-plugin-grok-parser", "~> 2.5.0" gem "fluent-plugin-prometheus", "~> 1.5.0" gem 'fluent-plugin-json-in-json-2', ">= 1.0.2" gem "fluent-plugin-record-modifier", "~> 2.0.0" gem "fluent-plugin-rewrite-tag-filter", "~> 2.2.0" gem "aws-sdk-cloudwatchlogs", "~> 1.0" gem "fluent-plugin-detect-exceptions", "~> 0.0.12" gem "fluent-plugin-cloudwatch-logs", "~> 0.7.4" gem "fluent-plugin-kubernetes_metadata_filter", "~> 2.3.0" gem "ffi" gem "fluent-plugin-systemd", "~> 1.0.1"
and the configuration of fluentd as follow:
data: fluent.conf: | <match fluent.**> @type null </match> <source> @type tail enable_stat_watcher false path /var/log/containers/*.log exclude_path ["/var/log/containers/kube-*.log", "/var/log/containers/calico-*.log", "/var/log/containers/heapster-*.log", "/var/log/containers/etcd-*.log", "/var/log/containers/kubernetes-*.log", "/var/log/containers/fluentd-*.log", "/var/log/containers/monitoring-*.log"] pos_file /var/log/fluentd-containers.log.pos tag kubernetes.* format json keep_time_key true </source> <match kubernetes.**> @type detect_exceptions message log remove_tag_prefix kubernetes languages all multiline_flush_interval 0.5 </match> <filter kubernetes.**> @type kubernetes_metadata </filter> <match **> @type cloudwatch_logs log_group_name "#{ENV['LOG_GROUP_NAME']}" auto_create_stream true use_tag_as_stream true </match>
the logs of fluentd shows that the plugin is used, no errors but there's no logs parsed and shipped to Cloudwatch:
2019-10-10 07:13:30 +0000 [info]: starting fluentd-1.7.3 pid=6 ruby="2.6.4" 2019-10-10 07:13:30 +0000 [info]: spawn command to main: cmdline=["/usr/local/bin/ruby", "-Eascii-8bit:ascii-8bit", "/fluentd/vendor/bundle/ruby/2.6.0/bin/fluentd", "-c", "/fluentd/etc/fluent.conf", "-p", "/fluentd/plugins", "--gemfile", "/fluentd/Gemfile", "--under-supervisor"] 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-cloudwatch-logs' version '0.7.4' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-concat' version '2.3.0' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-detect-exceptions' version '0.0.12' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-grok-parser' version '2.5.1' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-json-in-json-2' version '1.0.2' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-kubernetes_metadata_filter' version '2.3.0' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-multi-format-parser' version '1.0.0' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-prometheus' version '1.5.0' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-record-modifier' version '2.0.1' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-rewrite-tag-filter' version '2.2.0' 2019-10-10 07:13:31 +0000 [info]: gem 'fluent-plugin-systemd' version '1.0.2' 2019-10-10 07:13:31 +0000 [info]: gem 'fluentd' version '1.7.3' 2019-10-10 07:13:31 +0000 [info]: adding match pattern="fluent.**" type="null" 2019-10-10 07:13:31 +0000 [info]: adding match pattern="kubernetes.**" type="detect_exceptions" 2019-10-10 07:13:31 +0000 [info]: adding filter pattern="kubernetes.**" type="kubernetes_metadata" 2019-10-10 07:13:31 +0000 [info]: adding match pattern="**" type="cloudwatch_logs" 2019-10-10 07:13:31 +0000 [info]: adding source type="tail" 2019-10-10 07:13:31 +0000 [info]: adding source type="tail" 2019-10-10 07:13:31 +0000 [info]: adding source type="tail" 2019-10-10 07:13:31 +0000 [info]: adding source type="tail" 2019-10-10 07:13:31 +0000 [info]: adding source type="tail" 2019-10-10 07:13:31 +0000 [info]: adding source type="tail" 2019-10-10 07:13:31 +0000 [info]: adding source type="tail"
Thanks for the report. This plugin is intended to be used with Stackdriver. We don't know enough about CloudWatch to help.
Hi, I'm using fluentd-plugin-detect-exception to parse and ship logs to AWS-Cloudwatch using a patched version of "fluentd-kubernetes-daemonset" Docker Hub tag: adessoasaservice / fluentd-kubernetes-daemonset:v1.7.3-debian-cloudwatch-exception-1.0
having following gems:
and the configuration of fluentd as follow:
the logs of fluentd shows that the plugin is used, no errors but there's no logs parsed and shipped to Cloudwatch: