Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Logs+] Default pipeline for logs data streams #95971

Merged
merged 20 commits into from
May 12, 2023
Merged

[Logs+] Default pipeline for logs data streams #95971

merged 20 commits into from
May 12, 2023

Conversation

eyalkoren
Copy link
Contributor

Closes #95551
Closes #95537

eyalkoren added 12 commits May 3, 2023 15:23
@eyalkoren
Adding ability to auto-install ingest pipelines through index templates
8934c9e
@eyalkoren
Merge remote-tracking branch 'upstream/main' into ingest-pipeline-reg…
4aaa1ff 
…istry
@eyalkoren
Update docs/changelog/95782.yaml
8d09963
@eyalkoren
Update changelog summary
0240b07
@eyalkoren
Guarding from nulls
5354b7c
@eyalkoren
Avoid using forbidden API
ddef98e
@eyalkoren
Fixing AnalyticsTemplateRegistryTests to pass index template validation
7ee1694
@eyalkoren
Merge remote-tracking branch 'upstream/main' into ingest-pipeline-reg…
e82e135 
…istry
@eyalkoren
Fixing validation when IngestMetadata is null in cluster state
481f132
@eyalkoren
Merge remote-tracking branch 'upstream/main' into ingest-pipeline-reg…
3f89462 
…istry
@eyalkoren
Merge remote-tracking branch 'upstream/main' into default-timestamp-f…
0688915 
…or-logs
@eyalkoren
[Logs+] adding defalut pipeline for logs data streams
e361eb8
@eyalkoren eyalkoren requested review from jbaiera and felixbarny May 10, 2023 04:46
@eyalkoren eyalkoren self-assigned this May 10, 2023
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-data-management (Team:Data Management)

@elasticsearchmachine elasticsearchmachine added Team:Data Management Meta label for data/management team external-contributor Pull request authored by a developer outside the Elasticsearch team labels May 10, 2023
@elasticsearchmachine
Copy link
Collaborator

Hi @eyalkoren, I've created a changelog YAML for you.

felixbarny
felixbarny requested changes May 10, 2023
View reviewed changes
Copy link
Member

@felixbarny felixbarny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other than the requested changes to avoid a mustache script evaluation, LGTM

x-pack/plugin/core/src/main/resources/logs-default-pipeline.json Outdated Show resolved Hide resolved
...eams/src/yamlRestTest/resources/rest-api-spec/test/data_stream/220_logs_default_pipeline.yml Outdated Show resolved Hide resolved
@eyalkoren
Copy link
Contributor Author

eyalkoren commented May 10, 2023
edited
Loading

@jbaiera Please verify that my fix for CoreWithSecurityClientYamlTestSuiteIT doesn't have unwanted side effects.

@eyalkoren eyalkoren requested a review from felixbarny May 10, 2023 08:46
felixbarny
felixbarny approved these changes May 10, 2023
View reviewed changes
Copy link
Member

@felixbarny felixbarny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

felixbarny
felixbarny reviewed May 11, 2023
View reviewed changes
x-pack/plugin/core/src/main/resources/logs-default-pipeline.json
Comment on lines +4 to +9
"set": {
"description": "If '@timestamp' is missing, set it with the ingest timestamp",
"field": "@timestamp",
"override": false,
"copy_from": "_ingest.timestamp"
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@joegallo FYI this is how we're setting a default timestamp. We'll want to have millisecond precision so we're not truncating here. As the @timestamp field is mapped as a date, not date_nanos, we don't need to truncate microseconds and nanoseconds, I think.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A set w/ copy_from is very fast. 👍 and ❤️

x-pack/plugin/core/src/main/resources/logs-default-pipeline.json Outdated
Comment on lines 12 to 16
"pipeline" : {
"name": "logs@custom",
"ignore_missing_pipeline": true,
"description": "A custom pipeline for logs data streams, which does not exist by default"
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@joshdover @kpollich FYI: the logs-*-* index template will contain this default logs pipeline that calls out a missing logs@custom extension point.

jbaiera
jbaiera approved these changes May 11, 2023
View reviewed changes
Copy link
Member

@jbaiera jbaiera left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@felixbarny felixbarny merged commit c244de0 into elastic:main May 12, 2023
@eyalkoren eyalkoren deleted the default-timestamp-for-logs branch May 14, 2023 05:10
@eyalkoren eyalkoren mentioned this pull request May 23, 2023
Closed
@eyalkoren eyalkoren mentioned this pull request Jun 4, 2023
Merged
@ElenaStoeva ElenaStoeva mentioned this pull request Jun 9, 2023
Merged
1 task
@weltenwort weltenwort mentioned this pull request Jun 20, 2023
Closed
@masseyke masseyke mentioned this pull request Aug 24, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixbarny felixbarny felixbarny approved these changes

@joegallo joegallo joegallo left review comments

@jbaiera jbaiera jbaiera approved these changes

Assignees

@eyalkoren eyalkoren

Labels
:Data Management/Data streams Data streams and their lifecycles >enhancement external-contributor Pull request authored by a developer outside the Elasticsearch team Team:Data Management Meta label for data/management team v8.9.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Logs+] Assign a default @timestamp if missing [Logs+] Make default logs-*-* pipeline customizable
5 participants
@eyalkoren @elasticsearchmachine @joegallo @jbaiera @felixbarny