search

fabric8io / fluent-plugin-kubernetes_metadata_filter

Enrich your fluentd events with Kubernetes metadata
Apache License 2.0
350 stars 166 forks source link

Not able to receive proper labels in Loki #269

Closed iamparamvs closed 3 years ago

iamparamvs commented 3 years ago

Fluentd Version: 1.11.4 fluent-plugin-kubernetes_metadata_filter version: 2.3.0 fluent-plugin-grafana-loki version: 1.2.16

I am using Fluentd daemonset on Openshift and trying to forward the logs to a Loki instance. Although I am able to see the labels and the logs in Grafana, the logs which are being received does not have all the labels attached to them, like , , , etc. I am using the below configuration and also attaching the screenshot of Grafana.

Configuration:

  fluent.conf: |
    <source>
      @type tail
      path /var/log/containers/*.log
      pos_file /var/log/fluentd-docker.pos
      read_from_head true
      tag kubernetes.*
      <parse>
        @type multi_format
        <pattern>
          format json
          time_key time
          time_type string
          time_format "%Y-%m-%dT%H:%M:%S.%NZ"
          keep_time_key false
        </pattern>
        <pattern>
          format regexp
          expression /^(?<time>.+) (?<stream>stdout|stderr)( (?<logtag>.))? (?<log>.*)$/
          time_format '%Y-%m-%dT%H:%M:%S.%N%:z'
          keep_time_key false
        </pattern>
      </parse>
    </source>

    <label @FLUENT_LOG>
      <match fluent.*>
        @type null
      </match>
    </label>

    <filter kubernetes.var.log.containers.**.log>
      @type kubernetes_metadata
      @id filter_kube_metadata
      @log_level debug
    </filter>

    <match kubernetes.**>
      @type loki
      url "http://loki.loki:3100"
      username ""
      password ""
      extract_kubernetes_labels true
      <buffer>
        @type memory
        flush_mode interval
        flush_interval 5s
        chunk_limit_size 1m
        flush_thread_interval 1
        flush_thread_burst_interval 1
        flush_thread_count 1
        timekey 10s
      </buffer>
    </match>

github-filter-kubernetes

End Target: To be able to receive logs with all the proper labels.

jcantrill commented 3 years ago

Without delving into your issue, I would consider utilizing https://grafana.com/docs/loki/latest/clients/fluentd/#extracting-kubernetes-labels which provides the information you require