Open tpendragon opened 7 months ago
Could we configure the nginx+ logs to use JSON? Datadog automatically parses JSON files, and this might be an easier lift (and more futureproofed) than writing our own parsing rules.
See this SO post and this datadog docs page.
Some of the scenarios I can think of are possible now. For example, this view shows all log messages related to the /catalog
path in the last fifteen minutes, and from there we can use facets to see requests from a single client IP to that path. What are the other use cases? Can we add acceptance criteria?
Ah, we DO have a pipeline for nginx/nginxplus enabled. Is this ticket done, then?
When I look at nginxplus logs I don't get any event attributes, I'm assuming our log format is a little different from whatever the default is.
Right now we can't extract fields from the NGINX logs in datadog. We probably need to add a parser to https://app.datadoghq.com/logs/pipelines
This is critical because without it we can't use facets to do things like measure how many user agents are coming in for a specific service, what IPs they're going to, or who the client IPs are.