Closed krohrsb closed 1 year ago
I see the error. The unmarshal json function has been directed to Line.Raw
, however, it should be evt.Parsed.message
so it respects the s00 raw parsers i will push a fix tomorrow
Oh awesome. Thank you!
For now I have loaded my own copy of the parser and modified it manually.
Using this as the filter - filter: UnmarshalJSON(evt.Parsed.message, evt.Unmarshaled, "traefik") in ["", nil]
and all is good.
I leverage containerd + traefik in my system. However I am getting 0 parsed traefik logs for some reason. I output them as JSON.
From the logs, it appears cri-logs does run and process things, then traefik parser kicks in but is operating on the CRI entry instead of the extracted JSON.
I am wondering why it appears that CRI is successful, then traefik starts operating on the same line instead of the parsed line?
e.g.,
UnmarshalJSON : invalid character '-' after top-level value" line="2023-08-31T17:57:33.578239803Z stdout F {\"ClientAddr\":\"10.42.0.111:47....rest of json
-- Note it prefixed with CRI formatting.I could also be misunderstanding.
Thanks.
Subset of my helm arguments.