
DataDog plugin crash when creating custom pipeline #1654

Closed
piotrekkr opened this issue Dec 5, 2022 · 0 comments · Fixed by #1655

Contributor

piotrekkr commented Dec 5, 2022

Terraform Version

/code/env/preproduction $ terraform -v
Terraform v1.3.6
on linux_amd64
+ provider registry.terraform.io/datadog/datadog v3.18.0
+ provider registry.terraform.io/hashicorp/google v4.44.1
+ provider registry.terraform.io/hashicorp/google-beta v4.44.1
+ provider registry.terraform.io/integrations/github v5.11.0

Affected Resource(s)

  • datadog_logs_custom_pipeline

Terraform Configuration Files

# Custom Datadog log pipeline for logs whose source is gcp.cloud.run.revision.
# Datadog applies the processors in the order they are declared, and several
# later processors read attributes written by earlier ones (http.url,
# http.status_category, ...), so the order of the blocks below is significant.
# Everything the processors read (data.jsonPayload.*, data.labels.*, message text)
# comes from the log event itself.
resource "datadog_logs_custom_pipeline" "google_cloud_run_custom" {
  is_enabled = true
  name       = "Google Cloud Run Custom"

  # Only logs matching this query enter the pipeline.
  filter {
    query = "source:gcp.cloud.run.revision"
  }

  # Copy (preserve_source = true) three jsonPayload sub-objects to top-level
  # attributes; override_on_conflict = false leaves an existing target untouched.
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "Remap data.jsonPayload.context to context"
      override_on_conflict = false
      preserve_source      = true
      source_type          = "attribute"
      sources = [
        "data.jsonPayload.context",
      ]
      target      = "context"
      target_type = "attribute"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "Remap data.jsonPayload.extra to extra"
      override_on_conflict = false
      preserve_source      = true
      source_type          = "attribute"
      sources = [
        "data.jsonPayload.extra",
      ]
      target      = "extra"
      target_type = "attribute"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "Remap data.jsonPayload.channel to channel"
      override_on_conflict = false
      preserve_source      = true
      source_type          = "attribute"
      sources = [
        "data.jsonPayload.channel",
      ]
      target      = "channel"
      target_type = "attribute"
    }
  }
  # Official log date is taken from data.timestamp.
  processor {

    date_remapper {
      is_enabled = true
      name       = "Define data.timestamp as the official log date"
      sources = [
        "data.timestamp",
      ]
    }
  }
  # Three service remappers in a row, each reading a different attribute.
  # NOTE(review): which one wins when several attributes are present depends on
  # Datadog's remapper precedence - confirm the resulting service is the intended one.
  processor {

    service_remapper {
      is_enabled = true
      name       = "Define data.labels.service as official log service "
      sources = [
        "data.labels.service",
      ]
    }
  }
  processor {

    service_remapper {
      is_enabled = true
      name       = "Define data.resource.labels.service_name as the official log service"
      sources = [
        "data.resource.labels.service_name",
      ]
    }
  }
  processor {

    service_remapper {
      is_enabled = true
      name       = "Define data.jsonPayload.service as the official log service"
      sources = [
        "data.jsonPayload.service",
      ]
    }
  }
  # Two message remappers: plain-text payload first, then the JSON payload's message.
  processor {

    message_remapper {
      is_enabled = true
      name       = "Define data.textPayload as the official log message"
      sources = [
        "data.textPayload",
      ]
    }
  }
  processor {

    message_remapper {
      is_enabled = true
      name       = "Define data.jsonPayload.message as the official log message"
      sources = [
        "data.jsonPayload.message",
      ]
    }
  }
  # Grok parser over the remapped message: extracts http.method, http.url,
  # http.protocol and http.status_code from an access-log style line.
  processor {

    grok_parser {
      is_enabled = true
      name       = "Parsing Message"
      # Sample lines are stored as part of the pipeline definition.
      samples = [
        "169.254.8.129 - - [08/May/2019 18:07:08] \"GET /121323/321321?a=123 HTTP/1.1\" 404 -",
      ]
      source = "message"

      # `%%{` is Terraform's escape for a literal `%{` inside a heredoc template, so
      # the rules Datadog receives use `%{...}`. The `#` line inside the heredoc is
      # part of the rule text sent to Datadog, not an HCL comment.
      grok {
        support_rules = ""
        match_rules   = <<-EOT
        parse_message %%{ip} %%{notSpace} %%{notSpace} %%{notSpace} %%{notSpace} "%%{notSpace:http.method} %%{notSpace:http.url} %%{notSpace:http.protocol}" %%{notSpace:http.status_code}.*
        #It is unclear the meaning of the IP here: it is not the source or the destination IP.
        EOT
      }
    }
  }
  # Nested pipeline for Nginx access and error logs.
  processor {

    pipeline {
      is_enabled = true
      name       = "Nginx"

      # Empty query: this nested pipeline adds no filter of its own, so presumably
      # every log that reaches the parent pipeline is run through the processors
      # below - confirm that is intended.
      filter {
        query = ""
      }

      processor {

        grok_parser {
          is_enabled = true
          name       = "Parsing Nginx logs"
          # NOTE(review): these look like stock example lines; samples are kept in
          # the pipeline definition, so confirm none were taken from real traffic.
          samples = [
            "127.0.0.1 - frank [13/Jul/2016:10:55:36 +0000] \"GET /apache_pb.gif HTTP/1.0\" 200 2326",
            "172.17.0.1 - - [06/Jan/2017:16:16:37 +0000] \"GET /datadoghq/company?test=var1%20Pl HTTP/1.1\" 200 612 \"http://www.perdu.com/\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36\" \"-\"",
            "2017/09/26 14:36:50 [error] 8409#8409: *317058 \"/usr/share/nginx/html/sql/sql-admin/index.html\" is not found (2: No such file or directory), client: 217.92.148.44, server: localhost, request: \"HEAD http://174.138.82.103:80/sql/sql-admin/ HTTP/1.1\", host: \"174.138.82.103\"",
          ]
          source = "message"

          # Three match rules (common access, combined access, error format) built
          # from the helper rules in support_rules. The error rule ends with a
          # keyvalue filter, so attribute names such as client/server/request/host
          # come from the text of the log line.
          grok {
            match_rules   = <<-EOT
            access.common %%{_client_ip} %%{_ident} %%{_auth} \[%%{_date_access}\] "(?>%%{_method} |)%%{_url}(?> %%{_version}|)" %%{_status_code} (?>%%{_bytes_written}|-)

            access.combined %%{access.common} (%%{number:duration:scale(1000000000)} )?"%%{_referer}" "%%{_user_agent}"( "%%{_x_forwarded_for}")?.*

            error.format %%{date("yyyy/MM/dd HH:mm:ss"):date_access} \[%%{word:level}\] %%{data:error.message}(, %%{data::keyvalue(": ",",")})?
            EOT
            support_rules = <<-EOT
            _auth %%{notSpace:http.auth:nullIf("-")}
            _bytes_written %%{integer:network.bytes_written}
            _client_ip %%{ipOrHost:network.client.ip}
            _version HTTP\/%%{regex("\\d+\\.\\d+"):http.version}
            _url %%{notSpace:http.url}
            _ident %%{notSpace:http.ident:nullIf("-")}
            _user_agent %%{regex("[^\\\"]*"):http.useragent}
            _referer %%{notSpace:http.referer}
            _status_code %%{integer:http.status_code}
            _method %%{word:http.method}
            _date_access %%{date("dd/MMM/yyyy:HH:mm:ss Z"):date_access}
            _x_forwarded_for %%{regex("[^\\\"]*"):http._x_forwarded_for:nullIf("-")}
            EOT
          }
        }
      }
      # Moves `client` (produced by the error-format keyvalue extraction above) to
      # network.client.ip; an address already set by the access rules is kept
      # because override_on_conflict = false.
      processor {

        attribute_remapper {
          is_enabled           = true
          name                 = "Remap client to client ip"
          override_on_conflict = false
          preserve_source      = false
          source_type          = "attribute"
          sources = [
            "client",
          ]
          target      = "network.client.ip"
          target_type = "attribute"
        }
      }
      # Second grok pass over the `request` attribute: splits it into
      # http.method, http.url and http.version.
      processor {

        grok_parser {
          is_enabled = true
          name       = "Parsing Nginx Error log requests"
          samples    = []
          source     = "request"

          grok {
            match_rules   = <<-EOT
            request_parsing (?>%%{_method} |)%%{_url}(?> %%{_version}|)
            EOT
            support_rules = <<-EOT
            _method %%{word:http.method}
            _url %%{notSpace:http.url}
            _version HTTP\/%%{regex("\\d+\\.\\d+"):http.version}
            EOT
          }
        }
      }
      # Break http.url into components under http.url_details.
      processor {

        url_parser {
          is_enabled               = true
          normalize_ending_slashes = false
          sources = [
            "http.url",
          ]
          target = "http.url_details"
        }
      }
      # Reads http.useragent (all lower case), the name written by _user_agent above.
      processor {

        user_agent_parser {
          is_enabled = true
          is_encoded = false
          sources = [
            "http.useragent",
          ]
          target = "http.useragent_details"
        }
      }
      processor {

        date_remapper {
          is_enabled = true
          name       = "Define Date_access as the official timestamp of the log"
          sources = [
            "date_access",
          ]
        }
      }
      # Derive http.status_category from the numeric status code; the status
      # remapper that follows reads it.
      processor {

        category_processor {
          is_enabled = true
          name       = "Categorise status code"
          target     = "http.status_category"

          category {
            name = "OK"

            filter {
              query = "@http.status_code:[200 TO 299]"
            }
          }
          category {
            name = "notice"

            filter {
              query = "@http.status_code:[300 TO 399]"
            }
          }
          category {
            name = "warning"

            filter {
              query = "@http.status_code:[400 TO 499]"
            }
          }
          category {
            name = "error"

            filter {
              query = "@http.status_code:[500 TO 599]"
            }
          }
        }
      }
      # Log status comes from the derived category or from `level`, which the
      # error.format rule extracts from the log text.
      processor {

        status_remapper {
          is_enabled = true
          name       = "Set the log status based on the status code value"
          sources = [
            "http.status_category",
            "level",
          ]
        }
      }
    }
  }
  # Nested pipeline for PHP application logs.
  processor {

    pipeline {
      is_enabled = true
      name       = "PHP"

      # Empty query: no additional filtering inside the parent pipeline
      # (see the note on the Nginx pipeline's filter).
      filter {
        query = ""
      }

      processor {

        grok_parser {
          is_enabled = true
          name       = "Parsing php Default formats"
          samples = [
            "Error message. [dd.span_id=\"4014120331748607290\" dd.trace_id=\"2762343115747197096\"]",
          ]
          source = "message"

          # The single rule applies the keyvalue filter to the whole message, so
          # every key=value pair found in the text becomes an attribute; the
          # attribute names are therefore chosen by whatever wrote the log line.
          grok {
            support_rules = ""
            match_rules   = <<-EOT
            default_parser %%{data::keyvalue}
            EOT
          }
        }
      }
      processor {

        trace_id_remapper {
          is_enabled = true
          name       = "Define data.jsonPayload.dd.trace_id as the official trace id associated to this log"
          sources = [
            "data.jsonPayload.dd.trace_id",
          ]
        }
      }
      # The next two remappers turn log-supplied attributes into the env and
      # version tags, replacing any existing value (override_on_conflict = true).
      # NOTE(review): if anything downstream (indexes, monitors, access filters)
      # keys on these tags, they are only as trustworthy as the log content -
      # confirm that is acceptable.
      processor {

        attribute_remapper {
          is_enabled           = true
          name                 = "Set the datadog environment tag"
          override_on_conflict = true
          preserve_source      = false
          source_type          = "attribute"
          sources = [
            "dd.env",
          ]
          target      = "env"
          target_type = "tag"
        }
      }
      processor {

        attribute_remapper {
          is_enabled           = true
          name                 = "Set the datadog version tag"
          override_on_conflict = true
          preserve_source      = false
          source_type          = "attribute"
          sources = [
            "dd.version",
          ]
          target      = "version"
          target_type = "tag"
        }
      }
      processor {

        service_remapper {
          is_enabled = true
          name       = "Define dd.service as the official service of the log"
          sources = [
            "dd.service",
          ]
        }
      }
    }
  }
  # Nested pipeline for Supervisord logs.
  processor {

    pipeline {
      is_enabled = true
      name       = "Supervisord"

      # Empty query: no additional filtering inside the parent pipeline
      # (see the note on the Nginx pipeline's filter).
      filter {
        query = ""
      }

      processor {

        grok_parser {
          is_enabled = true
          name       = "Parsing Supervisord logs"

          # The third sample is a multi-line heredoc, unlike the quoted strings
          # before it.
          samples = [
            "2020-09-18 10:10:32,584 BLAT Increased RLIMIT_NOFILE limit to 128000",
            "2020-09-18 10:10:32,584 WARN Included extra file \"/home/vagrant/etc/supervisor/conf.d/integrations.conf\" during parsing",
            <<-EOT
            2020-09-18 10:10:32,592 TRAC /var/run/supervisor.sock:Medusa (V1.12) started at Fri Sep 18 10:10:32 2020
              Hostname: <unix domain socket>
              Port:/var/run/supervisor.sock
            EOT
          ]
          source = "message"

          # Extracts timestamp, status and message from "<date> <status> <text>".
          grok {
            match_rules   = <<-EOT
            Supervisord_default %%{_date}\s+%%{_status}\s+%%{data:message}
            EOT
            support_rules = <<-EOT
            _date %%{date("yyyy-MM-dd HH:mm:ss,SSS"):timestamp}
            _status %%{word:status}
            EOT
          }
        }
      }
      # Promote the three attributes extracted above to the official date,
      # status and message of the log.
      processor {

        date_remapper {
          is_enabled = true
          name       = "Define timestamp as the official timestamp of the log"
          sources = [
            "timestamp",
          ]
        }
      }
      processor {

        status_remapper {
          is_enabled = true
          name       = "Define status as the official status of the log"
          sources = [
            "status",
          ]
        }
      }
      processor {

        message_remapper {
          is_enabled = true
          name       = "Define message as the official message of the log"
          sources = [
            "message",
          ]
        }
      }
    }
  }
  # From here on: map the data.httpRequest.* fields onto network.* / http.*
  # attributes. These remappers move the value (preserve_source = false) and do
  # not overwrite an attribute already set earlier (override_on_conflict = false).
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.remoteIp to network.client.ip"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.remoteIp",
      ]
      target      = "network.client.ip"
      target_type = "attribute"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.serverIp to network.destination.ip"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.serverIp",
      ]
      target      = "network.destination.ip"
      target_type = "attribute"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.responseSize to network.bytes_written"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.responseSize",
      ]
      target      = "network.bytes_written"
      target_type = "attribute"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.requestSize to network.bytes_read"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.requestSize",
      ]
      target      = "network.bytes_read"
      target_type = "attribute"
    }
  }
  # Parses data.httpRequest.latency ("<number>s") into `duration`, multiplied by
  # 1000000000 (presumably seconds to nanoseconds - confirm). This must stay
  # before the remapper further down that moves data.httpRequest.latency away.
  processor {

    grok_parser {
      is_enabled = true
      name       = "Parsing Http latency"
      samples    = []
      source     = "data.httpRequest.latency"

      grok {
        support_rules = ""
        match_rules   = <<-EOT
        duration %%{notSpace:duration:scale(1000000000)}s
        EOT
      }
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.requestMethod to http.method"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.requestMethod",
      ]
      target      = "http.method"
      target_type = "attribute"
    }
  }
  # Runs before the remapper below moves data.httpRequest.requestUrl to http.url,
  # which is why both attribute names are listed as sources.
  processor {

    url_parser {
      is_enabled               = true
      normalize_ending_slashes = false
      sources = [
        "data.httpRequest.requestUrl",
        "http.url",
      ]
      target = "http.url_details"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.requestUrl to http.url"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.requestUrl",
      ]
      target      = "http.url"
      target_type = "attribute"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.status to http.status_code"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.status",
      ]
      target      = "http.status_code"
      target_type = "attribute"
    }
  }
  # NOTE(review): the target here is http.userAgent (capital A), while the Nginx
  # grok rules write http.useragent; both spellings end up feeding
  # http.useragent_details through separate parsers - confirm the difference is
  # intentional.
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.userAgent to http.userAgent"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.userAgent",
      ]
      target      = "http.userAgent"
      target_type = "attribute"
    }
  }
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.protocol to http.protocol"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.protocol",
      ]
      target      = "http.protocol"
      target_type = "attribute"
    }
  }
  # Moves the raw latency string; the grok parser that reads
  # data.httpRequest.latency is declared earlier for that reason.
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "data.httpRequest.latency to http.latency"
      override_on_conflict = false
      preserve_source      = false
      source_type          = "attribute"
      sources = [
        "data.httpRequest.latency",
      ]
      target      = "http.latency"
      target_type = "attribute"
    }
  }
  processor {

    user_agent_parser {
      is_enabled = true
      is_encoded = false
      sources = [
        "http.userAgent",
      ]
      target = "http.useragent_details"
    }
  }
  # Same status-code categories as in the nested Nginx pipeline, applied to the
  # http.status_code set by the remapper above.
  processor {

    category_processor {
      is_enabled = true
      name       = "Categorise status code"
      target     = "http.status_category"

      category {
        name = "OK"

        filter {
          query = "@http.status_code:[200 TO 299]"
        }
      }
      category {
        name = "notice"

        filter {
          query = "@http.status_code:[300 TO 399]"
        }
      }
      category {
        name = "warning"

        filter {
          query = "@http.status_code:[400 TO 499]"
        }
      }
      category {
        name = "error"

        filter {
          query = "@http.status_code:[500 TO 599]"
        }
      }
    }
  }
  # Official log status: derived HTTP category, then the GCP severity, then the
  # application's own level_name (presumably tried in this order - confirm).
  processor {

    status_remapper {
      is_enabled = true
      name       = "Define http.status or data.severity or data.jsonPayload.level_name as the official log status"
      sources = [
        "http.status_category",
        "data.severity",
        "data.jsonPayload.level_name",
      ]
    }
  }
  # Copies data.labels.env into the env tag without replacing an existing tag
  # (override_on_conflict = false), unlike the dd.env remapper in the PHP pipeline.
  processor {

    attribute_remapper {
      is_enabled           = true
      name                 = "Rename attribute data.labels.env to tag env"
      override_on_conflict = false
      preserve_source      = true
      source_type          = "attribute"
      sources = [
        "data.labels.env",
      ]
      target      = "env"
      target_type = "tag"
    }
  }
}

Debug Output

https://gist.github.com/piotrekkr/3c8f890c5f0bf09f615ab365bd5a359f

Panic Output

No panic

Expected Behavior

Log pipeline should be created

Actual Behavior

DataDog plugin crashed

Steps to Reproduce

  1. terraform apply

Important Factoids

none

References

none
