elasticsearch,Openshift,Fluentd" />
elasticsearch,openshift,fluentd,Spring,Spring FluentD无法在Elasticsearch中写入日志
使用:Spring FluentD无法在Elasticsearch中写入日志,spring,
elasticsearch,openshift,fluentd,Spring,
- fluentd 1.11.2
- fluent插件elasticsearch 4.1.3
- elasticsearch 7.5.1
- springboot 2.3.3
<source>
@type forward
port 24224
bind 0.0.0.0
</source>
<filter *.**>
@type parser
key_name log
reserve_data true
<parse>
@type none
</parse>
</filter>
<match *.**>
@type copy
<store>
@type elasticsearch
host elasticdb
port 9200
logstash_format true
logstash_prefix applogs
logstash_dateformat %Y%m%d
include_tag_key true
type_name app_log
tag_key @log_name
flush_interval 1s
user elastic
password changeme
</store>
<store>
@type stdout
</store>
</match>
2020-09-18 17:33:08.000000000 +0000 app.appaa: {"from":"userA","to":"userB"}
2020-09-18 17:33:37 +0000 [warn]: #0 dump an error event: error_class=ArgumentError error="log does not exist" location=nil tag="fluent.warn" time=2020-09-18 17:33:37.328180192 +0000 record={"error"=>"#<ArgumentError: log does not exist>", "location"=>nil, "tag"=>"app.appaa", "time"=>1600450388, "record"=>{"from"=>"userA", "to"=>"userB"}, "message"=>"dump an error event: error_class=ArgumentError error=\"log does not exist\" location=nil tag=\"app.appaa\" time=1600450388 record={\"from\"=>\"userAa\", \"to\"=>\"userBb\"}"}
2020-09-18 17:33:37.328180192 +0000 fluent.warn: {"error":"#<ArgumentError: log does not exist>","location":null,"tag":"app.appaa","time":1600450388,"record":{"from":"userA","to":"userB"},"message":"dump an error event: error_class=ArgumentError error=\"log does not exist\" location=nil tag=\"app.appaa\" time=1600450388 record={\"from\"=>\"userA\", \"to\"=>\"userB\"}"}
warning: 299 Elasticsearch-7.5.1-3ae9ac9a93c95bd0cdc054951cf95d88e1e18d96 "[types removal] Specifying types in bulk requests is deprecated."
2020-09-18 17:33:08.000000000+0000 app.appaa:{“from”:“userA”,“to”:“userB”}
2020-09-18 17:33:37+0000[警告]:#0转储错误事件:error\u class=ArgumentError=“log不存在”location=nil tag=“fluent.warn”time=2020-09-18 17:33:37.328180192+0000记录={“error”=>“#”,“location”=>nil,“tag”=>“app.appa”,“time”=>1600450388,“record”=>{“from”=>“userA”,“to”=>“userB”},“message”=>“转储错误事件:error\u class=ArgumentError=\”日志不存在\“location=nil tag=\”app.appaa \“time=1600450388 record={\”from\”=>“userAa\”,\“to\”=>“userBb\”}”
2020-09-18 17:33:37.328180192+0000 fluent.warn:{“error”:“location”:null,“tag”:“app.appaa”,“time”:1600450388,“record”:{“from”:“userA”,“to”:“userB”},message:“dump a error event:error\u class=ArgumentError=\”日志不存在\“location=nil tag=\”app.appaa \“time=1600450388 record={“from=”from=>“userA\”,“to=”userB\”
警告:299 Elasticsearch-7.5.1-3AE9AC9A93C95BD0CDC05495CF95D88E18D96“[类型删除]不推荐在批量请求中指定类型。”
{
"_index": "applogs-20200918",
"_type": "_doc",
"_id": "F0M2onQBB89nIri4Cb1Z",
"_score": 1.0,
"_source": {
"error": "#<ArgumentError: log does not exist>",
"location": null,
"tag": "app.app",
"time": 1600449251,
"record": {
"from": "userA",
"to": "userB"
},
"message": "dump an error event: error_class=ArgumentError error=\"log does not exist\" location=nil tag=\"app.app\" time=1600449251 record={\"from\"=>\"userA\", \"to\"=>\"userB\"}",
"@timestamp": "2020-09-18T17:14:39.775332214+00:00",
"@log_name": "fluent.warn"
}
}
{
“_索引”:“applogs-20200918”,
“\u类型”:“\u单据”,
“_id”:“F0M2onQBB89nIri4Cb1Z”,
“_分数”:1.0,
“_来源”:{
“错误”:“#”,
“位置”:空,
“标签”:“app.app”,
“时间”:1600449251,
“记录”:{
“from”:“userA”,
“收件人”:“用户B”
},
“消息”:“转储错误事件:错误\类=参数错误=\”日志不存在\“位置=零标记=\”app.app \“时间=1600449251记录={\”从\“=>\”userA\,\”到\“=>”userB\”,
“@timestamp”:“2020-09-18T17:14:39.775332214+00:00”,
@log_name:“fluent.warn”
}
}
以前有人遇到过这个错误吗?过滤器中解析器的配置,即
<filter *.**>
@type parser
key_name log # << Look for key `log` in event
# ...
</filter>
{"log":"... your log here..."}
“相关文档:您是否使用
fluent catecho'{“log”:“hello”}流畅的cat debug.logfluent cat<filter *.**>
@type parser
key_name log # << Look for key `log` in event
# ...
</filter>
{"from":"userA","to":"userB"}
{"log":"... your log here..."}