-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Elasticsearch exporter does not set Timestamp (logs) #11752
Comments
pinging @urso @faec @blakerouse as code owners |
Pinging code owners: @urso @faec @blakerouse. See Adding Labels via Comments if you do not have permissions to add labels yourself. |
This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping Pinging code owners:
See Adding Labels via Comments if you do not have permissions to add labels yourself. |
latest version of Trace ID:
Span ID:
Flags: 0
LogRecord #2
ObservedTimestamp: 2022-11-28 06:55:01.352423736 +0000 UTC
Timestamp: 2021-02-16 09:21:17.521307236 +0000 UTC
SeverityText:
SeverityNumber: Unspecified(0)
Body: Str(2021-02-16T09:21:17.521307236Z stdout F example: 12 Tue Feb 16 09:21:17 UTC 2021)
Attributes:
-> time: Str(2021-02-16T09:21:17.521307236Z)
-> log: Str(example: 12 Tue Feb 16 09:21:17 UTC 2021)
-> log.iostream: Str(stdout)
-> log.file.path: Str(/var/log/pods/containerd_logs-0_000011112222333344445555666677778888/logs/0.log)
-> logtag: Str(F)
and es index documents: {
"_index": ".ds-logs-generic-default-2022.11.28-000001",
"_type": "_doc",
"_id": "mzcEvYQBz1BRB43O_bH3",
"_score": 1,
"_source": {
"@timestamp": "2021-02-16T09:21:17.521307236Z",
"Attributes.log.file.path": "/var/log/pods/containerd_logs-0_000011112222333344445555666677778888/logs/0.log",
"Attributes.log.iostream": "stdout",
"Attributes.log.value": "example: 10 Tue Feb 16 09:21:15 UTC 2021",
"Attributes.logtag": "F",
"Attributes.time": "2021-02-16T09:21:17.521307236Z",
"Body": "2021-02-16T09:21:15.518430714Z stdout F example: 10 Tue Feb 16 09:21:15 UTC 2021",
"Resource.k8s.container.name": "logs",
"Resource.k8s.container.restart_count": "0",
"Resource.k8s.namespace.name": "containerd",
"Resource.k8s.pod.name": "logs-0",
"Resource.k8s.pod.uid": "000011112222333344445555666677778888",
"SeverityNumber": 0,
"TraceFlags": 0
}
}, |
Closing based on @JaredTan95 comment. @jsirianni please reopen if the issue is not fix. |
This is not resolved. If Timestamp is zero ( I took a quick look at the exporter's code and it seems to incorrectly assume that In a perfect world, |
Hi all, I'm facing the same issue as above, details on open-telemetry/opentelemetry-rust#1479 In this case, the (Rust) tokio tracing to OpenTelemetry bridge doesn't use the timestamp field (which is optional) and only the ObservedTimestamp is filled in by the API. This should trigger the fallback, but it doesn't and the consequence is having only Elasticsearch records with Can we reopen this issue please? |
Signed-off-by: Jared Tan <[email protected]>
…amp overwrites the timestamp (#31844) **Description:** <Describe what has changed.> <!--Ex. Fixing a bug - Describe the bug and how this fixes the issue. Ex. Adding a feature - Explain what this achieves.--> **Link to tracking Issue:** #11752 --------- Signed-off-by: Jared Tan <[email protected]> Co-authored-by: Andrzej Stencel <[email protected]>
Can this issue be closed now, since #31844 has been merged? |
Yes, sounds like the issue is resolved. |
Describe the bug
When using the Elasticsearch exporter, log timestamp is omitted unless set by an operator.
Steps to reproduce
Use the filelog receiver without any parsing (do not parse a timestamp to the log entry). When viewing in Kibana, logs will show up in year 1970 (Zero value for timestamp).
What did you expect to see?
The log data model has two timestamps.
ObservedTimestamp
andTimestamp
. It is my understanding that vendors should use Timestamp when set, and fall back on ObservedTimestamp when not set.What did you see instead?
It seems like observed timestamp is getting ignored, and because timestamp is not set, ES exporter uses the zero value for all ingested logs. I cannot select observed timestamp in the Kibana UI, as if it is being stripped from the log entry.
What version did you use?
Contrib v0.53.0
What config did you use?
Environment
Additional context
See Log collection v0.29.0 "Note to Vendors" on how to use timestamps: https://github.com/open-telemetry/opentelemetry-log-collection/releases/tag/v0.29.0
Logging exporter gives the following log entry
The text was updated successfully, but these errors were encountered: