Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

out_azure_logs_ingestion: Implementing Azure Logs Ingestion (with DCR, DCE) output plugin #7155

Merged
merged 15 commits into from
Jun 14, 2023
Merged

out_azure_logs_ingestion: Implementing Azure Logs Ingestion (with DCR, DCE) output plugin #7155

merged 15 commits into from
Jun 14, 2023

Conversation

kforeverisback
Copy link
Contributor

@kforeverisback kforeverisback commented Apr 10, 2023
edited
Loading

This PR implements an output plugin for Azure Log Ingestion API.

Issue:
Fixes #5222

Testing
Before we can approve your change; please submit the following in a comment:

  • Example configuration file for the change
  • Debug log output from testing the change
  • Attached Valgrind output that shows no leaks or memory corruption was found

Testing scenarios:

  • Setup a DCE, DCR and Log Analytics table using this tutorial.
  • Sample apachge log was generated using flog.
  • Ran fluentbit with Valgrind for 4 hours using the provided sample config.
    • Successfully sent data, transformations were done properly at Log Analytics table
    • No memory leak was observed

Documentation

  • Documentation required for this feature

Will try to include a documentation PR soon!
See documentation PR: fluent/fluent-bit-docs#1076

Input Config and Valgrind Log

Config

[INPUT]
    Name tail
    Path /home/kushal/dev/fluent-bit/sample-log/sample.log
    Tag  sample
    Key  RawData

[FILTER]
    Name  modify
    Match sample
    Add   Application FBLogGen

[OUTPUT]
    Name            azure_logs_ingestion
    Match           sample
    client_id       XXXXXXXX-xxxx-yyyy-zzzz-xxxxyyyyzzzzxyzz
    client_secret   SECRET-~REDUCTED.4CicpH
    tenant_id       XXXXXXXX-xxxx-yyyy-zzzz-xxxxyyyyzzzzxyzz
    dce_url         https://log-analytics-dce-XXXX.westus3-1.ingest.monitor.azure.com
    dcr_id          dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    table_name      ladcr_CL
    time_generated  true
    time_key        Time
    Compress        true

Valgrind log

$ valgrind --leak-check=full ./fluent-bit -c sample-config.conf
==11775== Memcheck, a memory error detector
==11775== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==11775== Using Valgrind-3.18.1 and LibVEX; rerun with -h for copyright info
==11775== Command: ./fluent-bit -c sample-config.conf
==11775==
Fluent Bit v2.1.0
* Copyright (C) 2015-2022 The Fluent Bit Authors
* Fluent Bit is a CNCF sub-project under the umbrella of Fluentd
* https://fluentbit.io

[2023/04/10 12:51:58] [ info] [fluent bit] version=2.1.0, commit=469c064a74, pid=11775
[2023/04/10 12:51:58] [ info] [storage] ver=1.4.0, type=memory, sync=normal, checksum=off, max_chunks_up=128
[2023/04/10 12:51:58] [ info] [cmetrics] version=0.5.8
[2023/04/10 12:51:58] [ info] [ctraces ] version=0.3.0
[2023/04/10 12:51:58] [ info] [input:tail:tail.0] initializing
[2023/04/10 12:51:58] [ info] [input:tail:tail.0] storage_strategy='memory' (memory only)
[2023/04/10 12:51:59] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] dce_url='https://log-analytics-dce-XXXX.westus3-1.ingest.monitor.azure.com', dcr='dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', table='ladcr_CL', stream='Custom-ladcr_CL'
[2023/04/10 12:51:59] [ info] [sp] stream processor started
[2023/04/10 12:51:59] [ info] [input:tail:tail.0] inotify_fs_add(): inode=62107 watch_fd=1 name=/home/kushal/dev/fluent-bit/sample-log/sample.log
[2023/04/10 12:52:02] [ info] [oauth2] HTTP Status=200
[2023/04/10 12:52:02] [ info] [oauth2] access token from 'login.microsoftonline.com:443' retrieved
[2023/04/10 12:52:02] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:02] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:03] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:03] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:04] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:05] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:06] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:07] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:08] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:09] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:10] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:11] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
[2023/04/10 12:52:12] [ info] [output:azure_logs_ingestion:azure_logs_ingestion.0] http_status=204, dcr_id=dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, table=ladcr_CL
^C[2023/04/10 12:52:13] [engine] caught signal (SIGINT)
[2023/04/10 12:52:13] [ warn] [engine] service will shutdown in max 5 seconds
[2023/04/10 12:52:13] [ info] [input] pausing tail.0
[2023/04/10 12:52:14] [ info] [engine] service has stopped (0 pending tasks)
[2023/04/10 12:52:14] [ info] [input] pausing tail.0
==11775==
==11775== HEAP SUMMARY:
==11775==     in use at exit: 761,304 bytes in 5,812 blocks
==11775==   total heap usage: 34,500 allocs, 28,688 frees, 15,722,056 bytes allocated
==11775==
==11775== LEAK SUMMARY:
==11775==    definitely lost: 0 bytes in 0 blocks
==11775==    indirectly lost: 0 bytes in 0 blocks
==11775==      possibly lost: 0 bytes in 0 blocks
==11775==    still reachable: 761,304 bytes in 5,812 blocks
==11775==         suppressed: 0 bytes in 0 blocks
==11775== Reachable blocks (those to which a pointer was found) are not shown.
==11775== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==11775==
==11775== For lists of detected and suppressed errors, rerun with: -s
==11775== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

@kforeverisback kforeverisback mentioned this pull request Apr 10, 2023
Closed
@kforeverisback kforeverisback force-pushed the feature/logs_ingestion branch from de72285 to 286ef37 Compare April 10, 2023 20:18
@patrick-stephens patrick-stephens added the ok-package-test Run PR packaging tests label Apr 12, 2023
@patrick-stephens
Copy link
Contributor

I would also like to see some integration tests to verify the feature in fluent/fluent-bit-ci.

@patrick-stephens patrick-stephens temporarily deployed to unstable April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr-package-test April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@kforeverisback kforeverisback temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@kforeverisback kforeverisback temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr-package-test April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@patrick-stephens patrick-stephens temporarily deployed to pr April 12, 2023 11:00 — with GitHub Actions Inactive
@kforeverisback kforeverisback requested a review from edsiper May 1, 2023 18:16
leonardo-albertovich
leonardo-albertovich requested changes May 15, 2023
View reviewed changes
plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
"client_credentials", 18);
if (ret == -1) {
flb_plg_error(ctx->ins, "error appending oauth2 params");
return NULL;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exit path doesn't seem to release the mutex which could cause a deadlock.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
sizeof(FLB_AZ_LI_AUTH_SCOPE) - 1);
if (ret == -1) {
flb_plg_error(ctx->ins, "error appending oauth2 params");
return NULL;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exit path doesn't seem to release the mutex which could cause a deadlock.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
ctx->client_id, -1);
if (ret == -1) {
flb_plg_error(ctx->ins, "error appending oauth2 params");
return NULL;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exit path doesn't seem to release the mutex which could cause a deadlock.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
ctx->client_secret, -1);
if (ret == -1) {
flb_plg_error(ctx->ins, "error appending oauth2 params");
return NULL;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exit path doesn't seem to release the mutex which could cause a deadlock.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
/* Copy string to prevent race conditions */
if (!token) {
flb_plg_error(ctx->ins, "error retrieving oauth2 access token");
return NULL;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exit path doesn't seem to release the mutex which could cause a deadlock.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
ctx->token = flb_sds_create_size(token_len);
if (!ctx->token) {
flb_plg_error(ctx->ins, "error creating token buffer");
return NULL;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exit path doesn't seem to release the mutex which could cause a deadlock.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
}
}
/* If our token_length is more than what we already allocated */
else if (token_len > flb_sds_len(ctx->token)) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You want to use flb_sds_alloc here which gives you the size of the buffer rather than the length of the current value.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Used flb_sds_alloc

plugins/out_azure_logs_ingestion/azure_logs_ingestion.c Outdated
/* If our token_length is more than what we already allocated */
else if (token_len > flb_sds_len(ctx->token)) {
flb_plg_debug(ctx->ins, "new token len > previous token len");
ctx->token = flb_sds_increase(ctx->token, token_len -
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to use a temporary variable here to save the result of flb_sds_increase, otherwise if it fails when trying to resize the buffer you lose the original pointer and leak the memory.

Additionally, in case of failure you need to release the existing buffer and prematurely return, otherwise you will hit a null deref in line 230

Copy link
Contributor Author

@kforeverisback kforeverisback May 31, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed:
Simplified the codeblock by not using a struct variable since the token string must always persist for a HTTP call.

@kforeverisback
out_azure_logs_ingestion: duplicated azure plugin to create a new plu…
5cd1703 
…gin. needs change

Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: added out_azure_log_ingestion empty plugin.
105946a 
currently it builds with CMake

Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: added log_ingestion header
7d02662 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: basic configuration setup
13b5258 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: VSCode dev settings
ca1b173 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: working logs lngestion plugin
1db1e4f 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: added compression support
684c371 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: modified CMake description
04baa14 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: reverted VSCode launch files and gitignore
5065402 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: added debug logs
3600582 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: reverted gitignore to original
d566c59 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: reverted gitignore to original
fd14d7e 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: CMakeFile bug fix: build with/without azure…
cf6b65b 
… Logs ingestion plugin

Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
out_azure_logs_ingestion: fixed PR comments - various linting issues
1bbe6d5 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback
Fix token race condition. Mutex cleanup for token
d380078 
Signed-off-by: Kushal Azim Ekram <[email protected]>
@kforeverisback kforeverisback force-pushed the feature/logs_ingestion branch from b60ae02 to d380078 Compare May 31, 2023 21:30
@kforeverisback kforeverisback temporarily deployed to pr June 11, 2023 04:25 — with GitHub Actions Inactive
@kforeverisback kforeverisback temporarily deployed to pr June 11, 2023 04:25 — with GitHub Actions Inactive
@kforeverisback kforeverisback temporarily deployed to pr June 11, 2023 04:25 — with GitHub Actions Inactive
@kforeverisback kforeverisback temporarily deployed to pr June 11, 2023 04:45 — with GitHub Actions Inactive
@edsiper edsiper added this to the Fluent Bit v2.1.5 milestone Jun 14, 2023
@edsiper edsiper merged commit 1a197e8 into fluent:master Jun 14, 2023
k402xxxcenxxx pushed a commit to k402xxxcenxxx/fluent-bit that referenced this pull request Jul 7, 2023
@kforeverisback @k402xxxcenxxx
out_azure_logs_ingestion: Implementing Azure Logs Ingestion (with DCR…
0f2ea2b 
…, DCE) output plugin (fluent#7155)

Signed-off-by: Kushal Azim Ekram <[email protected]>
leonardo-albertovich pushed a commit that referenced this pull request Jul 17, 2023
@kforeverisback @leonardo-albertovich
out_azure_logs_ingestion: Implementing Azure Logs Ingestion (with DCR…
8e7c08e 
…, DCE) output plugin (#7155)

Signed-off-by: Kushal Azim Ekram <[email protected]>
@infracloudav
Copy link

@kforeverisback The Output plugin documentation is not available , Is that deleted ?

https://docs.fluentbit.io/manual/pipeline/outputs/azure_logs_ingestion/

@patrick-stephens
Copy link
Contributor

@infracloudav thanks for the highlight, it should be added now - the docs were there but not included in the summary to link to them.

@kforeverisback kforeverisback mentioned this pull request Jul 16, 2024
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leonardo-albertovich leonardo-albertovich leonardo-albertovich requested changes

@patrick-stephens patrick-stephens patrick-stephens left review comments

@fujimotos fujimotos Awaiting requested review from fujimotos fujimotos is a code owner

@niedbalski niedbalski Awaiting requested review from niedbalski niedbalski is a code owner

@koleini koleini Awaiting requested review from koleini koleini is a code owner

@edsiper edsiper Awaiting requested review from edsiper edsiper is a code owner

Assignees

@leonardo-albertovich leonardo-albertovich

Labels
docs-required ok-package-test Run PR packaging tests
Projects
None yet
Milestone
Fluent Bit v2.1.5
Development

Successfully merging this pull request may close these issues.

Azure Log Analytics DCR support
5 participants
@kforeverisback @patrick-stephens @infracloudav @leonardo-albertovich @edsiper