Fluend不会自动在Json Parser中添加当前系统时间
Fluentd专家和用户!
目前,我们已经遇到了使用Fluentd来解析JSON格式日志的问题。尽管我已根据文档配置了Time_key和keep_time_key,但Fluentd并未自动将当前系统时间添加到解析结果中。
我们日志的例子是 {“ host”:“ 204.48.112.175”,“用户识别符”:“ - ”,“方法”:“ post”,“请求”:“/synthesize/intiaize/intiatives/intematives/intemateatives/intemated”,“协议”:“:” http/2.0“,”状态“:502,”字节:10272} 您会看到其中没有时间字段。
但是,在解析的日志输出中没有系统当前时间(输出为stdout(调试模式)):
loghub_s3: {"host":"204.48.112.175","user-identifier":"-","method":"POST","request":"/synthesize/initiatives/integrated","protocol":"HTTP/2.0","status":502,"bytes":10272,"referer":"http://www.centralenable.name/user-centric/reintermediate/synergistic/e-business","s3_bucket":"loghub-logs-691546483958","s3_key":"json/json-notime.json"}
我的配置文件是:
<system>
log_level debug
</system>
<match loghub_s3>
@type stdout
@id output_stdout
</match>
<source>
@type s3
tag loghub_s3
s3_bucket loghub-logs-691546483958
s3_region us-east-1
store_as json
add_object_metadata true
<instance_profile_credentials>
ip_address 169.254.169.254
port 80
</instance_profile_credentials>
<sqs>
queue_name loghub-fluentd-dev
</sqs>
<parse>
@type json
time_type string
time_format %d/%b/%Y:%H:%M:%S %z
time_key time
keep_time_key true
</parse>
</source>
其他信息:
- fluentd版本:1.14.3
- TD代理版本:4.3.0
- fluent-plugin-- S3版本:1.6.1
- 操作系统:Amazon Linux2
- 内核版本:5.10.102-99.473.amzn2.x86_64
,我们已经使用了s3-input-plugin: https://github.com/fluent/fluent/fluent-plugin-s3
任何人都可以帮助我们检查我们的配置是否错误。而且我不确定这是Fluentd问题还是插件问题。
预先感谢!
Fluentd Experts and Users!
Currently we have met an issue in using Fluentd to parse json format log. Fluentd does not automatically add the current system time to the parsing result, although I have configured time_key and keep_time_key according to the documentation.
The example of our log is,{"host": "204.48.112.175", "user-identifier": "-", "method": "POST", "request": "/synthesize/initiatives/integrated", "protocol": "HTTP/2.0", "status": 502, "bytes": 10272}
and you can see that there is no time field in it.
But there is no system current time in the parsed log output (the output is in stdout (debug mode) ):
loghub_s3: {"host":"204.48.112.175","user-identifier":"-","method":"POST","request":"/synthesize/initiatives/integrated","protocol":"HTTP/2.0","status":502,"bytes":10272,"referer":"http://www.centralenable.name/user-centric/reintermediate/synergistic/e-business","s3_bucket":"loghub-logs-691546483958","s3_key":"json/json-notime.json"}
And my config file is:
<system>
log_level debug
</system>
<match loghub_s3>
@type stdout
@id output_stdout
</match>
<source>
@type s3
tag loghub_s3
s3_bucket loghub-logs-691546483958
s3_region us-east-1
store_as json
add_object_metadata true
<instance_profile_credentials>
ip_address 169.254.169.254
port 80
</instance_profile_credentials>
<sqs>
queue_name loghub-fluentd-dev
</sqs>
<parse>
@type json
time_type string
time_format %d/%b/%Y:%H:%M:%S %z
time_key time
keep_time_key true
</parse>
</source>
Other informations:
- Fluentd version: 1.14.3
- TD Agent version: 4.3.0
- fluent-plugin-s3 version: 1.6.1
- Operating system: Amazon Linux2
- Kernel version: 5.10.102-99.473.amzn2.x86_64
And we have used the s3-input-plugin: https://github.com/fluent/fluent-plugin-s3
Can anyone help us to check if our configuration is wrong. And I’m not sure if this is a Fluentd issue, or Plugin issue.
Thanks a lot in advance!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如注释中所述,除非另有配置,否则
fluentd不会创建时间/时间戳字段。您可以注射 filts> filter> filts> filts 或>匹配部分。这是
fluent.conf
运行fluentd:
fluentd logs
As mentioned in the comments,
fluentddoes not create a time/timestamp field unless configured otherwise. You can inject this field underfilterormatchsection.Here's an example with the sample input and stdout output plugins:
fluent.conf
Run fluentd:
fluentd logs