OBSDOCS-1640: Document HTTP output proxy should be configurable #89407
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@theashiot: This pull request references OBSDOCS-1640 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
bot
added
the
size/L
|
@theashiot: This pull request references OBSDOCS-1640 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
🤖 Thu Mar 06 11:27:13 - Prow CI generated the docs preview: |
|
@theashiot: This pull request references OBSDOCS-1640 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Hi @anpingli, i've incorporated the changes for http output that you provided here: https://github.com/openshift/openshift-docs/pull/88847/files#r1973684753 Also would you mind providing the complete example here: https://github.com/openshift/openshift-docs/pull/88847/files#r1973659586 to avoid back and forth :) best, |
| [id="cluster-logging-collector-log-forward-examples-syslog-log-source_{context}"] | ||
| == Adding log source information to message output | ||
|
|
||
| You can add `namespace_name`, `pod_name`, and `container_name` elements to the `message` field of the record by adding the `AddLogSource` field to your `ClusterLogForwarder` custom resource (CR). |
There was a problem hiding this comment.
AddLogSource is replaced with "enrichment: KubernetesMinimal"
| <15>1 2020-11-15T17:06:14+00:00 fluentd-9hkb4 mytag - - - {"msgcontent"=>"Message Contents", "timestamp"=>"2020-11-15 17:06:09", "tag_key"=>"rec_tag", "index"=>56} | ||
| ---- | ||
|
|
||
| .Example syslog message output with `AddLogSource` |
There was a problem hiding this comment.
Example: when enrichment: KubernetesMinimal
2025-03-03T11:42:31+00:00 anliazm3-m8hrk-worker-westus-djq2j syslogaosqersyslogserverd846bb9b: namespace_name=syslog-aosqe, container_name=rsyslog, pod_name=rsyslogserver-d846bb9bc-l2tjr, message={"@timestamp":"2025-03-03T11:42:31.862624122Z","facility":"local0","hostname":"anliazm3-m8hrk-worker-westus-djq2j","kubernetes":{"annotations":{"k8s.ovn.org/pod-networks":"{\"default\":{\"ip_addresses\":[\"10.129.2.40/23\"],\"mac_address\":\"0a:58:0a:81:02:28\",\"gateway_ips\":[\"10.129.2.1\"],\"routes\":[{\"dest\":\"10.128.0.0/14\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"172.30.0.0/16\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"169.254.169.5/32\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"100.64.0.0/16\",\"nextHop\":\"10.129.2.1\"}],\"ip_address\":\"10.129.2.40/23\",\"gateway_ip\":\"10.129.2.1\"}}","k8s.v1.cni.cncf.io/network-status":"[{\n \"name\": \"ovn-kubernetes\",\n \"interface\": \"eth0\",\n \"ips\": [\n \"10.129.2.40\"\n ],\n \"mac\": \"0a:58:0a:81:02:28\",\n \"default\": true,\n \"dns\": {}\n}]","openshift.io/generated-by":"OpenShiftNewApp","openshift.io/scc":"privileged"},"container_id":"cri-o://699290ce5f3af668ebebd1789d5df9bfb1af57ff2bbbeb6241f56af845bbec87","container_image":"quay.io/openshifttest/rsyslogd-container@sha256:e806eb41f05d7cc6eec96bf09c7bcb692f97562d4a983cb019289bd048d9aee2","container_image_id":"quay.io/openshifttest/rsyslogd-container@sha256:821f81c0deea63c4f06481e3773eac3f55892c69c91b3751b0ba61fb6decb905","container_iostream":"stderr","container_name":"rsyslog","labels":{"appname":"rsyslogserver","component":"rsyslogserver","pod-template-hash":"d846bb9bc","provider":"aosqe"},"namespace_id":"ec872692-4bde-45d3-ae4b-89ba35628a3d","namespace_labels":{"kubernetes_io_metadata_name":"syslog-aosqe","pod-security_kubernetes_io_audit":"privileged","pod-security_kubernetes_io_audit-version":"v1.24","pod-security_kubernetes_io_warn":"privileged","pod-security_kubernetes_io_warn-version":"v1.24"},"namespace_name":"syslog-aosqe","pod_id":"54a774f8-9e87-4867-b285-ef868cca6032","pod_ip":"10.129.2.40","pod_name":"rsyslogserver-d846bb9bc-l2tjr","pod_owner":"ReplicaSet/rsyslogserver-d846bb9bc"},"level":"default","log_source":"container","log_type":"application","message":"rsyslogd: netstream session 0x7f1a5ad94620 from 10.129.0.92 will be closed due to error [v8.2102.0-3.fc34 try https://www.rsyslog.com/e/2078 ]","openshift":{"cluster_id":"4fd3bf05-1e95-46cf-8480-62fc9435079c","sequence":1741002167861044318},"proc_id":"-","severity":"informational","tag":"syslogaosqersyslogserverd846bb9b","timestamp":"2025-03-03T11:42:31.862624122Z"}
| This configuration is compatible with both RFC3164 and RFC5424. | ||
| ==== | ||
|
|
||
| .Example syslog message output without `AddLogSource` |
There was a problem hiding this comment.
Example: when enrichment: None
`2025-03-03T11:48:01+00:00 anliazm3-m8hrk-worker-westus-jl26f syslogaosqersyslogserverd846bb9b: {"@timestamp":"2025-03-03T11:48:01.440861985Z","facility":"local0","hostname":"anliazm3-m8hrk-worker-westus-jl26f","kubernetes":{"annotations":{"k8s.ovn.org/pod-networks":"{"default":{"ip_addresses":["10.131.0.30/23"],"mac_address":"0a:58:0a:83:00:1e","gateway_ips":["10.131.0.1"],"routes":[{"dest":"10.128.0.0/14","nextHop":"10.131.0.1"},{"dest":"172.30.0.0/16","nextHop":"10.131.0.1"},{"dest":"169.254.169.5/32","nextHop":"10.131.0.1"},{"dest":"100.64.0.0/16","nextHop":"10.131.0.1"}],"ip_address":"10.131.0.30/23","gateway_ip":"10.131.0.1"}}","k8s.v1.cni.cncf.io/network-status":"[{\n "name": "ovn-kubernetes",\n "interface": "eth0",\n "ips": [\n "10.131.0.30"\n ],\n "mac": "0a:58:0a:83:00:1e",\n "default": true,\n "dns": {}\n}]","openshift.io/generated-by":"OpenShiftNewApp","openshift.io/scc":"privileged"},"container_id":"cri-o://f8da362708b701483429bc448851438417ad654d304cbf302c9f26625b99aeed","container_image":"quay.io/openshifttest/rsyslogd-container@sha256:e806eb41f05d7cc6eec96bf09c7bcb692f97562d4a983cb019289bd048d9aee2","container_image_id":"quay.io/openshifttest/rsyslogd-container@sha256:821f81c0deea63c4f06481e3773eac3f55892c69c91b3751b0ba61fb6decb905","container_iostream":"stderr","container_name":"rsyslog","labels":{"appname":"rsyslogserver","component":"rsyslogserver","pod-template-hash":"d846bb9bc","provider":"aosqe"},"namespace_id":"ec872692-4bde-45d3-ae4b-89ba35628a3d","namespace_labels":{"kubernetes_io_metadata_name":"syslog-aosqe","pod-security_kubernetes_io_audit":"privileged","pod-security_kubernetes_io_audit-version":"v1.24","pod-security_kubernetes_io_warn":"privileged","pod-security_kubernetes_io_warn-version":"v1.24"},"namespace_name":"syslog-aosqe","pod_id":"25ce6cc5-79bd-46d0-a92c-22d573367e12","pod_ip":"10.131.0.30","pod_name":"rsyslogserver-d846bb9bc-vn4fk","pod_owner":"ReplicaSet/rsyslogserver-d846bb9bc"},"level":"default","log_source":"container","log_type":"application","message":"rsyslogd: error during parsing file /etc/rsyslog/conf/rsyslog.conf, on or before line 22: invalid character ''' - is there an invalid escape sequence somewhere? [v8.2102.0-3.fc34 try https://www.rsyslog.com/e/2207 ]","openshift":{"cluster_id":"4fd3bf05-1e95-46cf-8480-62fc9435079c","sequence":1741002487735423758},"proc_id":"-","severity":"informational","tag":"syslogaosqersyslogserverd846bb9b","timestamp":"2025-03-03T11:48:01.440861985Z"}
`
| <4> Values are either `true` or `false`. | ||
| <5> Secret name for destination credentials. | ||
| <6> This value should be the same as the output name. | ||
| <7> The name of your service account. The service account is only required in multi log forwarder implementations if the log forwarder is not deployed in the `openshift-logging` namespace. |
There was a problem hiding this comment.
In 6.2, service account must be specified.
There was a problem hiding this comment.
removed the line: "The service account is only required ..."
theashiot
force-pushed
the
OBSDOCS-1640-neo
branch
from
cd50e30 to
6204113
Compare
| <4> Values are either `true` or `false`. | ||
| <5> Secret name for destination credentials. | ||
| <6> This value should be the same as the output name. | ||
| <7> The name of your service account. The service account is only required in multi log forwarder implementations if the log forwarder is not deployed in the `openshift-logging` namespace. |
There was a problem hiding this comment.
removed the line: "The service account is only required ..."
| [id="cluster-logging-collector-log-forward-examples-syslog-log-source_{context}"] | ||
| == Adding log source information to message output | ||
|
|
||
| You can add `namespace_name`, `pod_name`, and `container_name` elements to the `message` field of the record by adding the `AddLogSource` field to your `ClusterLogForwarder` custom resource (CR). |
| This configuration is compatible with both RFC3164 and RFC5424. | ||
| ==== | ||
|
|
||
| .Example syslog message output without `AddLogSource` |
| <15>1 2020-11-15T17:06:14+00:00 fluentd-9hkb4 mytag - - - {"msgcontent"=>"Message Contents", "timestamp"=>"2020-11-15 17:06:09", "tag_key"=>"rec_tag", "index"=>56} | ||
| ---- | ||
|
|
||
| .Example syslog message output with `AddLogSource` |
| severity: debug | ||
| tag: mytag | ||
| type: syslog | ||
| url: tls://syslog-receiver.openshift-logging.svc:24224 |
There was a problem hiding this comment.
I suggest using 'tls://syslog-receiver.example.com:6514'.
In general, we use 514 as the syslog (TCP/UDP) port, and use 6514 as TLS port
| <7> Set the RFC that the generated messages conform to. The value can be `RFC3164` or `RFC5424`. | ||
| <8> Set the severity level for the message. For more information, see link:https://datatracker.ietf.org/doc/html/rfc5424#section-6.2.1[The Syslog Protocol]. | ||
| <9> Set the delivery mode for log forwarding. The value can be either `AtLeastOnce`, or `AtMostOnce`. | ||
| <10> Specify the absolute URL with a scheme. Valid schemes are: `tcp`, `tls`, `udp` and `udps`. For example: `udps://syslog.example.com:1234`. |
There was a problem hiding this comment.
please remove udps. we don't support udps. Maybe,that is a bug.
How about tls://syslog-receiver.example.com:6514
or udp://syslog-receiver.example.com:514
There was a problem hiding this comment.
updated as tls://syslog-receiver.example.com:6514
|
|
||
| .Example syslog message output with `enrichment: None` | ||
| [source, text] | ||
| ---- |
There was a problem hiding this comment.
How about remove some fileds from this example?
2025-03-03T11:48:01+00:00 anliazm3-m8hrk-worker-westus-jl26f syslogaosqersyslogserverd846bb9b: {xxx:xxx,yyyy:yyyy,.....}
There was a problem hiding this comment.
No, that is my expected.
we should highlight namespace_name, pod_name, and container_name in the example when enrichment is KubernetesMinimal
|
|
||
| [source, text] | ||
| ---- | ||
| 2025-03-03T11:42:31+00:00 anliazm3-m8hrk-worker-westus-djq2j syslogaosqersyslogserverd846bb9b: namespace_name=syslog-aosqe, container_name=rsyslog, pod_name=rsyslogserver-d846bb9bc-l2tjr, message={"@timestamp":"2025-03-03T11:42:31.862624122Z","facility":"local0","hostname":"anliazm3-m8hrk-worker-westus-djq2j","kubernetes":{"annotations":{"k8s.ovn.org/pod-networks":"{\"default\":{\"ip_addresses\":[\"10.129.2.40/23\"],\"mac_address\":\"0a:58:0a:81:02:28\",\"gateway_ips\":[\"10.129.2.1\"],\"routes\":[{\"dest\":\"10.128.0.0/14\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"172.30.0.0/16\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"169.254.169.5/32\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"100.64.0.0/16\",\"nextHop\":\"10.129.2.1\"}],\"ip_address\":\"10.129.2.40/23\",\"gateway_ip\":\"10.129.2.1\"}}","k8s.v1.cni.cncf.io/network-status":"[{\n \"name\": \"ovn-kubernetes\",\n \"interface\": \"eth0\",\n \"ips\": [\n \"10.129.2.40\"\n ],\n \"mac\": \"0a:58:0a:81:02:28\",\n \"default\": true,\n \"dns\": {}\n}]","openshift.io/generated-by":"OpenShiftNewApp","openshift.io/scc":"privileged"},"container_id":"cri-o://699290ce5f3af668ebebd1789d5df9bfb1af57ff2bbbeb6241f56af845bbec87","container_image":"quay.io/openshifttest/rsyslogd-container@sha256:e806eb41f05d7cc6eec96bf09c7bcb692f97562d4a983cb019289bd048d9aee2","container_image_id":"quay.io/openshifttest/rsyslogd-container@sha256:821f81c0deea63c4f06481e3773eac3f55892c69c91b3751b0ba61fb6decb905","container_iostream":"stderr","container_name":"rsyslog","labels":{"appname":"rsyslogserver","component":"rsyslogserver","pod-template-hash":"d846bb9bc","provider":"aosqe"},"namespace_id":"ec872692-4bde-45d3-ae4b-89ba35628a3d","namespace_labels":{"kubernetes_io_metadata_name":"syslog-aosqe","pod-security_kubernetes_io_audit":"privileged","pod-security_kubernetes_io_audit-version":"v1.24","pod-security_kubernetes_io_warn":"privileged","pod-security_kubernetes_io_warn-version":"v1.24"},"namespace_name":"syslog-aosqe","pod_id":"54a774f8-9e87-4867-b285-ef868cca6032","pod_ip":"10.129.2.40","pod_name":"rsyslogserver-d846bb9bc-l2tjr","pod_owner":"ReplicaSet/rsyslogserver-d846bb9bc"},"level":"default","log_source":"container","log_type":"application","message":"rsyslogd: netstream session 0x7f1a5ad94620 from 10.129.0.92 will be closed due to error [v8.2102.0-3.fc34 try https://www.rsyslog.com/e/2078 ]","openshift":{"cluster_id":"4fd3bf05-1e95-46cf-8480-62fc9435079c","sequence":1741002167861044318},"proc_id":"-","severity":"informational","tag":"syslogaosqersyslogserverd846bb9b","timestamp":"2025-03-03T11:42:31.862624122Z"} |
There was a problem hiding this comment.
How about remove some fileds from this example?
There was a problem hiding this comment.
2025-03-03T11:42:31+00:00 anliazm3-m8hrk-worker-westus-djq2j syslogaosqersyslogserverd846bb9b: namespace_name=syslog-aosqe, container_name=rsyslog, pod_name=rsyslogserver-d846bb9bc-l2tjr, message={xxx:xxx,yyyy:yyyy,.....}
| ---- | ||
|
|
||
| [id="cluster-logging-collector-log-forward-examples-syslog-parms_{context}"] | ||
| == Syslog parameters |
There was a problem hiding this comment.
We had introduce these Syslog parameters above. I think we can drop the paragraph below
| serviceAccount: # <14> | ||
| name: logcollector | ||
| ---- | ||
| <1> Specify a name for the output. |
There was a problem hiding this comment.
How about add 'optional' from appName to tuning?
| <7> Set the RFC that the generated messages conform to. The value can be `RFC3164` or `RFC5424`. | ||
| <8> Set the severity level for the message. For more information, see link:https://datatracker.ietf.org/doc/html/rfc5424#section-6.2.1[The Syslog Protocol]. | ||
| <9> Set the delivery mode for log forwarding. The value can be either `AtLeastOnce`, or `AtMostOnce`. | ||
| <10> Specify the absolute URL with a scheme. Valid schemes are: `tcp`, `tls`, `udp` and `udps`. For example: `udps://syslog.example.com:1234`. |
There was a problem hiding this comment.
updated as tls://syslog-receiver.example.com:6514
| severity: debug | ||
| tag: mytag | ||
| type: syslog | ||
| url: tls://syslog-receiver.openshift-logging.svc:24224 |
|
|
||
| .Example syslog message output with `enrichment: None` | ||
| [source, text] | ||
| ---- |
|
|
||
| [source, text] | ||
| ---- | ||
| 2025-03-03T11:42:31+00:00 anliazm3-m8hrk-worker-westus-djq2j syslogaosqersyslogserverd846bb9b: namespace_name=syslog-aosqe, container_name=rsyslog, pod_name=rsyslogserver-d846bb9bc-l2tjr, message={"@timestamp":"2025-03-03T11:42:31.862624122Z","facility":"local0","hostname":"anliazm3-m8hrk-worker-westus-djq2j","kubernetes":{"annotations":{"k8s.ovn.org/pod-networks":"{\"default\":{\"ip_addresses\":[\"10.129.2.40/23\"],\"mac_address\":\"0a:58:0a:81:02:28\",\"gateway_ips\":[\"10.129.2.1\"],\"routes\":[{\"dest\":\"10.128.0.0/14\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"172.30.0.0/16\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"169.254.169.5/32\",\"nextHop\":\"10.129.2.1\"},{\"dest\":\"100.64.0.0/16\",\"nextHop\":\"10.129.2.1\"}],\"ip_address\":\"10.129.2.40/23\",\"gateway_ip\":\"10.129.2.1\"}}","k8s.v1.cni.cncf.io/network-status":"[{\n \"name\": \"ovn-kubernetes\",\n \"interface\": \"eth0\",\n \"ips\": [\n \"10.129.2.40\"\n ],\n \"mac\": \"0a:58:0a:81:02:28\",\n \"default\": true,\n \"dns\": {}\n}]","openshift.io/generated-by":"OpenShiftNewApp","openshift.io/scc":"privileged"},"container_id":"cri-o://699290ce5f3af668ebebd1789d5df9bfb1af57ff2bbbeb6241f56af845bbec87","container_image":"quay.io/openshifttest/rsyslogd-container@sha256:e806eb41f05d7cc6eec96bf09c7bcb692f97562d4a983cb019289bd048d9aee2","container_image_id":"quay.io/openshifttest/rsyslogd-container@sha256:821f81c0deea63c4f06481e3773eac3f55892c69c91b3751b0ba61fb6decb905","container_iostream":"stderr","container_name":"rsyslog","labels":{"appname":"rsyslogserver","component":"rsyslogserver","pod-template-hash":"d846bb9bc","provider":"aosqe"},"namespace_id":"ec872692-4bde-45d3-ae4b-89ba35628a3d","namespace_labels":{"kubernetes_io_metadata_name":"syslog-aosqe","pod-security_kubernetes_io_audit":"privileged","pod-security_kubernetes_io_audit-version":"v1.24","pod-security_kubernetes_io_warn":"privileged","pod-security_kubernetes_io_warn-version":"v1.24"},"namespace_name":"syslog-aosqe","pod_id":"54a774f8-9e87-4867-b285-ef868cca6032","pod_ip":"10.129.2.40","pod_name":"rsyslogserver-d846bb9bc-l2tjr","pod_owner":"ReplicaSet/rsyslogserver-d846bb9bc"},"level":"default","log_source":"container","log_type":"application","message":"rsyslogd: netstream session 0x7f1a5ad94620 from 10.129.0.92 will be closed due to error [v8.2102.0-3.fc34 try https://www.rsyslog.com/e/2078 ]","openshift":{"cluster_id":"4fd3bf05-1e95-46cf-8480-62fc9435079c","sequence":1741002167861044318},"proc_id":"-","severity":"informational","tag":"syslogaosqersyslogserverd846bb9b","timestamp":"2025-03-03T11:42:31.862624122Z"} |
| ---- | ||
|
|
||
| [id="cluster-logging-collector-log-forward-examples-syslog-parms_{context}"] | ||
| == Syslog parameters |
| serviceAccount: # <14> | ||
| name: logcollector | ||
| ---- | ||
| <1> Specify a name for the output. |
theashiot
force-pushed
the
OBSDOCS-1640-neo
branch
from
6204113 to
564cab6
Compare
|
@theashiot: This pull request references OBSDOCS-1640 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
theashiot
force-pushed
the
OBSDOCS-1640-neo
branch
from
564cab6 to
2108e7e
Compare
|
LGTM |
|
Thanks a lot @anpingli for the review and excellent suggestions! |
|
@theashiot: This pull request references OBSDOCS-1640 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/label peer-review-needed |
openshift-ci
bot
added
the
peer-review-needed
|
/label peer-review-in-progress |
openshift-ci
bot
added
peer-review-in-progress
| name: logcollector | ||
| ---- | ||
| <1> Specify a name for the output. | ||
| <2> Optional: Specify the value for the "APP-NAME" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: foo-{.bar||"none"}. |
There was a problem hiding this comment.
Foobar, fubar, all variants are disallowed, since it is a term based on profanity.
https://www.ibm.com/docs/en/ibm-style?topic=word-usage#fubar
| <3> Optional: Specify the value for "Facility" part of the MSGID part of the syslog-msg header. | ||
| <4> Optional: Specify the value for "MSGID" part of the MSGID part of the syslog-msg header. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 32 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: foo-{.bar||"none"}. | ||
| <5> Optional: Specify the record field to use as the payload. The PayloadKey value must be a single field path encased in single curly brackets `{}`. Example: {.bar}. | ||
| <6> Optional: Specify the value for the "PROCID" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: foo-{.bar||"none"}. |
There was a problem hiding this comment.
Same. Foobar disallowed.
https://www.ibm.com/docs/en/ibm-style?topic=word-usage#fubar
| <1> Specify a name for the output. | ||
| <2> Optional: Specify the value for the "APP-NAME" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: foo-{.bar||"none"}. | ||
| <3> Optional: Specify the value for "Facility" part of the MSGID part of the syslog-msg header. | ||
| <4> Optional: Specify the value for "MSGID" part of the MSGID part of the syslog-msg header. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 32 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: foo-{.bar||"none"}. |
There was a problem hiding this comment.
Same, foobar disallowed.
|
excellent work @theashiot , this is a big document and it looks great. |
|
/label peer-review-done |
openshift-ci
bot
added
peer-review-done
theashiot
force-pushed
the
OBSDOCS-1640-neo
branch
from
2108e7e to
3157343
Compare
|
Thanks, @GroceryBoyJr for the review! I've made all the required updates. |
|
/label merge-review-needed |
openshift-ci
bot
added
the
merge-review-needed
skrthomas
added
merge-review-in-progress
| name: logcollector | ||
| ---- | ||
| <1> Specify a name for the output. | ||
| <2> Optional: Specify the value for the "APP-NAME" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. |
There was a problem hiding this comment.
| <2> Optional: Specify the value for the "APP-NAME" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | |
| <2> Optional: Specify the value for the `appName` part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. |
There was a problem hiding this comment.
Whenever you reference inline parameters, you should use backticks: https://github.com/openshift/openshift-docs/blob/main/contributing_to_docs/doc_guidelines.adoc#quick-markup-reference
There was a problem hiding this comment.
changed to App-Name as this refers to the field in the RFC: https://datatracker.ietf.org/doc/html/rfc5424#section-6.2.5
| ---- | ||
| <1> Specify a name for the output. | ||
| <2> Optional: Specify the value for the "APP-NAME" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | ||
| <3> Optional: Specify the value for "Facility" part of the MSGID part of the syslog-msg header. |
There was a problem hiding this comment.
| <3> Optional: Specify the value for "Facility" part of the MSGID part of the syslog-msg header. | |
| <3> Optional: Specify the value for `facility` part of the MSGID part of the syslog-msg header. |
There was a problem hiding this comment.
updated to Facility and also removed extraneous "part of the MSGID" text
| <1> Specify a name for the output. | ||
| <2> Optional: Specify the value for the "APP-NAME" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | ||
| <3> Optional: Specify the value for "Facility" part of the MSGID part of the syslog-msg header. | ||
| <4> Optional: Specify the value for "MSGID" part of the MSGID part of the syslog-msg header. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 32 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. |
There was a problem hiding this comment.
| <4> Optional: Specify the value for "MSGID" part of the MSGID part of the syslog-msg header. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 32 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | |
| <4> Optional: Specify the value for `msgId` part of the syslog-msg header. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 32 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. |
There was a problem hiding this comment.
backticks for this and I think maybe some duplicated text?
There was a problem hiding this comment.
Updated as MSGID per RFC and thanks for noticing the duplicated text, removed
| <2> Optional: Specify the value for the "APP-NAME" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | ||
| <3> Optional: Specify the value for "Facility" part of the MSGID part of the syslog-msg header. | ||
| <4> Optional: Specify the value for "MSGID" part of the MSGID part of the syslog-msg header. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 32 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | ||
| <5> Optional: Specify the record field to use as the payload. The PayloadKey value must be a single field path encased in single curly brackets `{}`. Example: {.<value>}. |
There was a problem hiding this comment.
| <5> Optional: Specify the record field to use as the payload. The PayloadKey value must be a single field path encased in single curly brackets `{}`. Example: {.<value>}. | |
| <5> Optional: Specify the record field to use as the payload. The `payloadKey` value must be a single field path encased in single curly brackets `{}`. Example: {.<value>}. |
| <3> Optional: Specify the value for "Facility" part of the MSGID part of the syslog-msg header. | ||
| <4> Optional: Specify the value for "MSGID" part of the MSGID part of the syslog-msg header. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 32 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | ||
| <5> Optional: Specify the record field to use as the payload. The PayloadKey value must be a single field path encased in single curly brackets `{}`. Example: {.<value>}. | ||
| <6> Optional: Specify the value for the "PROCID" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. |
There was a problem hiding this comment.
| <6> Optional: Specify the value for the "PROCID" part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. | |
| <6> Optional: Specify the value for the `procId` part of the syslog message header. The value must conform with link:https://datatracker.ietf.org/doc/html/rfc5424[The Syslog Protocol]. The value can be a combination of static and dynamic values consisting of field paths followed by `||`, and then followed by another field path or a static value. The maximum length of the final values is truncated to 48 characters. You must encase a dynamic value curly brackets and the value must be followed with a static fallback value separated with `||`. Static values can only contain alphanumeric characters along with dashes, underscores, dots and forward slashes. Example value: <value1>-{.<value2>||"none"}. |
| ---- | ||
|
|
||
| [id="cluster-logging-collector-log-forward-examples-syslog-log-source_{context}"] | ||
| == Adding log source information to message output |
There was a problem hiding this comment.
| == Adding log source information to message output | |
| == Adding log source information to the message output |
| ---- | ||
| spec: | ||
| outputs: | ||
| - name: syslogout | ||
| syslog: | ||
| enrichment: KubernetesMinimal: true | ||
| facility: user | ||
| payloadKey: message | ||
| rfc: RFC3164 | ||
| severity: debug | ||
| tag: mytag | ||
| type: syslog | ||
| url: tls://syslog-receiver.example.com:6514 | ||
| pipelines: | ||
| - inputRefs: | ||
| - application | ||
| name: test-app | ||
| outputRefs: | ||
| - syslogout | ||
| ---- |
There was a problem hiding this comment.
| ---- | |
| spec: | |
| outputs: | |
| - name: syslogout | |
| syslog: | |
| enrichment: KubernetesMinimal: true | |
| facility: user | |
| payloadKey: message | |
| rfc: RFC3164 | |
| severity: debug | |
| tag: mytag | |
| type: syslog | |
| url: tls://syslog-receiver.example.com:6514 | |
| pipelines: | |
| - inputRefs: | |
| - application | |
| name: test-app | |
| outputRefs: | |
| - syslogout | |
| ---- | |
| ---- | |
| # ... | |
| spec: | |
| outputs: | |
| - name: syslogout | |
| syslog: | |
| enrichment: KubernetesMinimal: true | |
| facility: user | |
| payloadKey: message | |
| rfc: RFC3164 | |
| severity: debug | |
| tag: mytag | |
| type: syslog | |
| url: tls://syslog-receiver.example.com:6514 | |
| pipelines: | |
| - inputRefs: | |
| - application | |
| name: test-app | |
| outputRefs: | |
| - syslogout | |
| # ... | |
| ---- |
There was a problem hiding this comment.
I notice that the spec is spaced over, probably because there's other parameters before. I would suggest using an elipses here to make that clearer, and maybe adding the context of what comes right before that spec would be orienting to customers too?
There was a problem hiding this comment.
good point added "#..." at the beginning and at the end. As the example is about updating an existing CR, i don't think we need to add what comes before and after. TBH, I'll probably rewrite this with section as part of https://issues.redhat.com/browse/OBSDOCS-1747 because it is just showing the difference between
enrichment: KubernetesMinimal and enrichment: None
we have already covered this field in the earlier example. And i'm sure you can guess that this comes from legacy text! Lemme know your thoughts.
There was a problem hiding this comment.
That sounds good, @theashiot ! Thanks for updating with the ellipses and the plan to spiff this up later.
theashiot
force-pushed
the
OBSDOCS-1640-neo
branch
from
3157343 to
83e5da8
Compare
|
@theashiot: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/cherrypick logging-docs-6.2-4.18 |
|
@skrthomas: new pull request created: #89738 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/cherrypick logging-docs-6.2-4.17 |
|
/cherrypick logging-docs-6.2-4.16 |
|
@skrthomas: new pull request created: #89739 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@skrthomas: new pull request created: #89740 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Version(s): 4.19, 4.18, 4.17,4.16. Note that this needs to be cherry-picked to logging-docs-6.2-4.18, logging-docs-6.2-4.17, logging-docs-6.2-4.16 release branches and not enterprise-4.18, enterprise-4.17 branches.
Issue: https://issues.redhat.com/browse/OBSDOCS-1640
Link to docs preview:
QE review:
Additional information:
The changes are only to update the spec in yaml as compared to the previous release, published here:
https://docs.openshift.com/container-platform/4.16/observability/logging/log_collection_forwarding/configuring-log-forwarding.html#logging-http-forward_configuring-log-forwarding
and
https://docs.openshift.com/container-platform/4.16/observability/logging/log_collection_forwarding/configuring-log-forwarding.html#cluster-logging-collector-log-forward-syslog_configuring-log-forwarding