PoC for Log parsing with Otel Collector

[chrkl]

Description
As a follow-up to #691, we want to evaluate an OpenTelemetry collector setup to read JSON structured container logs and convert them to OTLP logs. Fields like Timestamp, SeverityText, SeverityNumber, or Body should be detected in well-known log formats like Zap or Log4j. JSON fields that are not mappable to the OTLP log record fields, should be converted to OTLP attributes or resource attributes. The possibility to allow the user giving hits about the used log format should be evaluated. For instance, describing the log message field in a Kubernetes annotation. The feasibility to achieve this with the filelog receiver's operators and the attributes processor should be evaluated.

Acceptance Criteria

• Fields of the OTLP Log and Event Record Definition are extracted from JSON logs
• The actual log message is written to the Body field
• Decide and implement how to map the body in case no message field can be identified
• Other fields of the JSON record are written to the Attributes or Resource maps
• Semantic conventions for Attributes and Resource Attributes are followed
• Scenarios:
  • Have an unstructured log, see basic data in place like pod name, raw payload in body
  • Have structured log not matching any format, see basic data in place like pod name, log attributes are parsed, body contains X
  • Have structured log matching a format, see basic data in place like pod name, log attributes are parsed, body contains log message

[chrkl]

The PoC has been conducted, results were documented by PR #762.