openstack/kolla-ansible
Code Issues Proposed changes

Parse Monasca Log API timestamps correctly

Browse Source 
By parsing the creation_time timestamp in Logstash, Elasticsearch
can parse it correctly. This closes a bug where the creation_time
timestamp was shown as a date shortly after the epoch (1970) when
viewed in Kibana.

Closes-Bug: #1816585

Change-Id: I00decfe94607845ef0eae9bec631a0e729aac3fa
This commit is contained in:
Doug Szumski
2019-02-19 13:59:20 +00:00
parent 4a127d4bd9
commit e2ed302312
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
ansible/roles/monasca/templates/monasca-log-transformer/log-transformer.conf.j2
View File

@@ -18,6 +18,14 @@ filter {
remove_field => [ "[log][dimensions][timestamp]", "[log][dimensions][Timestamp]" ] remove_field => [ "[log][dimensions][timestamp]", "[log][dimensions][Timestamp]" ]
} }
# Monasca Log API adds a timestamp when it processes a log entry. This
# timestamp needs to be converted from seconds since the epoch for
# Elasticsearch to parse it correctly. Here we make that conversion.
date {
match => ["creation_time", "UNIX"]
target => "creation_time"
}
# OpenStack log levels are uppercase, and syslog are lowercase. # OpenStack log levels are uppercase, and syslog are lowercase.
# Furthermore, syslog has more log levels that OpenStack. To avoid # Furthermore, syslog has more log levels that OpenStack. To avoid
# mapping syslog log levels to OpenStack log levels, we standardise # mapping syslog log levels to OpenStack log levels, we standardise