Skip to content

Commit

Permalink
add include logs functionality
Browse files Browse the repository at this point in the history
  • Loading branch information
@chaitanyaphalak
chaitanyaphalak committed Nov 12, 2021
1 parent cf2f876 commit 27a8537
Show file tree
Hide file tree
Showing 15 changed files with 38 additions and 951 deletions.
17 changes: 14 additions & 3 deletions helm-charts/splunk-otel-collector/templates/config/_common.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,17 @@ zipkin:
{{- end }}
{{- end }}

{{/*
Filter Attributes Function
*/}}
{{- define "splunk-otel-collector.filterAttr" -}}
{{- if .Values.logsCollection.containers.useSplunkIncludeAnnotation }}
splunk.com/include
{{- else }}
splunk.com/exclude
{{- end }}
{{- end }}

{{/*
Common config for resourcedetection processor
*/}}
Expand Down Expand Up @@ -94,7 +105,7 @@ resource/logs:
action: upsert
- key: k8s.pod.annotations.splunk.com/sourcetype
action: delete
- key: splunk.com/exclude
- key: {{ include "splunk-otel-collector.filterAttr" . }}
action: delete
{{- if .Values.autodetect.istio }}
- key: service.name
Expand Down Expand Up @@ -158,9 +169,9 @@ Filter logs processor
# Drop logs coming from pods and namespaces with splunk.com/exclude annotation.
filter/logs:
logs:
exclude:
{{ .Values.logsCollection.containers.useSplunkIncludeAnnotation | ternary "include" "exclude" }}:
resource_attributes:
- key: splunk.com/exclude
- key: {{ include "splunk-otel-collector.filterAttr" . }}
value: "true"
{{- end }}

Expand Down
8 changes: 4 additions & 4 deletions helm-charts/splunk-otel-collector/templates/config/_otel-agent.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -270,11 +270,11 @@ processors:
annotations:
- key: splunk.com/sourcetype
from: pod
- key: splunk.com/exclude
tag_name: splunk.com/exclude
- key: {{ include "splunk-otel-collector.filterAttr" . }}
tag_name: {{ include "splunk-otel-collector.filterAttr" . }}
from: namespace
- key: splunk.com/exclude
tag_name: splunk.com/exclude
- key: {{ include "splunk-otel-collector.filterAttr" . }}
tag_name: {{ include "splunk-otel-collector.filterAttr" . }}
from: pod
- key: splunk.com/index
tag_name: com.splunk.index
Expand Down
8 changes: 4 additions & 4 deletions helm-charts/splunk-otel-collector/templates/config/_otel-collector.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,11 +53,11 @@ processors:
annotations:
- key: splunk.com/sourcetype
from: pod
- key: splunk.com/exclude
tag_name: splunk.com/exclude
- key: {{ include "splunk-otel-collector.filterAttr" . }}
tag_name: {{ include "splunk-otel-collector.filterAttr" . }}
from: namespace
- key: splunk.com/exclude
tag_name: splunk.com/exclude
- key: {{ include "splunk-otel-collector.filterAttr" . }}
tag_name: {{ include "splunk-otel-collector.filterAttr" . }}
from: pod
- key: splunk.com/index
tag_name: com.splunk.index
Expand Down
3 changes: 3 additions & 0 deletions helm-charts/splunk-otel-collector/values.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -481,6 +481,9 @@
"type": "string"
}
},
"useSplunkIncludeAnnotation": {
"type": "boolean"
},
"multilineConfigs": {
"type": "array",
"items": {
Expand Down
4 changes: 3 additions & 1 deletion helm-charts/splunk-otel-collector/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -371,7 +371,9 @@ logsCollection:
# containerName:
# value: server
# firstEntryRegex: ^[^\s].*

# Set `splunk.com/include` annotation to true on pod and `logsCollection.useSplunkIncludeAnnotation` flag to `true` to include its logs from ingested to your Splunk platform deployment.
# All other logs will be ignored.
useSplunkIncludeAnnotation: false
checkpointPath: "/var/lib/otel_pos"

################################################################################
Expand Down
234 changes: 1 addition & 233 deletions rendered/manifests/agent-only/configmap-otel-agent.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,236 +16,4 @@ metadata:
heritage: Helm
data:
relay: |
exporters:
sapm:
access_token: ${SPLUNK_O11Y_ACCESS_TOKEN}
endpoint: https://ingest.CHANGEME.signalfx.com/v2/trace
signalfx:
access_token: ${SPLUNK_O11Y_ACCESS_TOKEN}
api_url: https://api.CHANGEME.signalfx.com
correlation: null
ingest_url: https://ingest.CHANGEME.signalfx.com
sync_host_metadata: true
splunk_hec/o11y:
endpoint: https://ingest.CHANGEME.signalfx.com/v1/log
token: ${SPLUNK_O11Y_ACCESS_TOKEN}
extensions:
health_check: null
k8s_observer:
auth_type: serviceAccount
node: ${K8S_NODE_NAME}
memory_ballast:
size_mib: ${SPLUNK_BALLAST_SIZE_MIB}
zpages: null
processors:
batch: null
filter/logs:
logs:
exclude:
resource_attributes:
- key: splunk.com/exclude
value: "true"
groupbyattrs/logs:
keys:
- com.splunk.source
- com.splunk.sourcetype
- container.id
- fluent.tag
- istio_service_name
- k8s.container.name
- k8s.namespace.name
- k8s.pod.name
- k8s.pod.uid
k8sattributes:
extract:
annotations:
- from: pod
key: splunk.com/sourcetype
- from: namespace
key: splunk.com/exclude
tag_name: splunk.com/exclude
- from: pod
key: splunk.com/exclude
tag_name: splunk.com/exclude
- from: namespace
key: splunk.com/index
tag_name: com.splunk.index
- from: pod
key: splunk.com/index
tag_name: com.splunk.index
labels:
- key: app
metadata:
- k8s.namespace.name
- k8s.node.name
- k8s.pod.name
- k8s.pod.uid
- container.id
- container.image.name
- container.image.tag
filter:
node_from_env_var: K8S_NODE_NAME
pod_association:
- from: resource_attribute
name: k8s.pod.uid
- from: resource_attribute
name: k8s.pod.ip
- from: resource_attribute
name: ip
- from: connection
- from: resource_attribute
name: host.name
memory_limiter:
check_interval: 2s
limit_mib: ${SPLUNK_MEMORY_LIMIT_MIB}
resource:
attributes:
- action: insert
key: k8s.node.name
value: ${K8S_NODE_NAME}
- action: insert
key: k8s.cluster.name
value: CHANGEME
resource/add_agent_k8s:
attributes:
- action: insert
key: k8s.pod.name
value: ${K8S_POD_NAME}
- action: insert
key: k8s.pod.uid
value: ${K8S_POD_UID}
- action: insert
key: k8s.namespace.name
value: ${K8S_NAMESPACE}
resource/logs:
attributes:
- action: upsert
from_attribute: k8s.pod.annotations.splunk.com/sourcetype
key: com.splunk.sourcetype
- action: delete
key: k8s.pod.annotations.splunk.com/sourcetype
- action: delete
key: splunk.com/exclude
resourcedetection:
detectors:
- env
- system
override: false
timeout: 10s
receivers:
fluentforward:
endpoint: 0.0.0.0:8006
hostmetrics:
collection_interval: 10s
scrapers:
cpu: null
disk: null
filesystem: null
load: null
memory: null
network: null
paging: null
processes: null
jaeger:
protocols:
grpc:
endpoint: 0.0.0.0:14250
thrift_http:
endpoint: 0.0.0.0:14268
kubeletstats:
auth_type: serviceAccount
collection_interval: 10s
endpoint: ${K8S_NODE_IP}:10250
extra_metadata_labels:
- container.id
metric_groups:
- container
- pod
- node
otlp:
protocols:
grpc:
endpoint: 0.0.0.0:4317
http:
endpoint: 0.0.0.0:4318
prometheus/agent:
config:
scrape_configs:
- job_name: otel-agent
scrape_interval: 10s
static_configs:
- targets:
- ${K8S_POD_IP}:8889
receiver_creator:
receivers: null
watch_observers:
- k8s_observer
signalfx:
endpoint: 0.0.0.0:9943
smartagent/signalfx-forwarder:
listenAddress: 0.0.0.0:9080
type: signalfx-forwarder
zipkin:
endpoint: 0.0.0.0:9411
service:
extensions:
- health_check
- k8s_observer
- memory_ballast
- zpages
pipelines:
logs:
exporters:
- splunk_hec/o11y
processors:
- memory_limiter
- groupbyattrs/logs
- k8sattributes
- batch
- filter/logs
- resource
- resource/logs
- resourcedetection
receivers:
- fluentforward
- otlp
metrics:
exporters:
- signalfx
processors:
- memory_limiter
- batch
- resource
- resourcedetection
receivers:
- hostmetrics
- kubeletstats
- otlp
- receiver_creator
- signalfx
metrics/agent:
exporters:
- signalfx
processors:
- memory_limiter
- batch
- resource
- resource/add_agent_k8s
- resourcedetection
receivers:
- prometheus/agent
traces:
exporters:
- sapm
- signalfx
processors:
- memory_limiter
- k8sattributes
- batch
- resource
- resourcedetection
receivers:
- otlp
- jaeger
- smartagent/signalfx-forwarder
- zipkin
Error: 'error converting YAML to JSON: yaml: line 123: could not find expected '':'''
2 changes: 1 addition & 1 deletion rendered/manifests/agent-only/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ spec:
app: splunk-otel-collector
release: default
annotations:
checksum/config: a6d79e9266fdb03b053855a5abd5e519189ebfbc6b81e192f77cd785da963369
checksum/config: 7e66ba6e4806347b2da28fa4d44033c392d24e3468749c08e990e95fcf29ad05
kubectl.kubernetes.io/default-container: otel-collector
spec:
hostNetwork: true
Expand Down
Loading

0 comments on commit 27a8537

Please sign in to comment.