跳到主要內容

FluentD 實作 Error Log

FluentD 實作 Error Log

本篇將介紹使用 DotNet 專案 log4net 套件,紀錄的 log
針對 Error Level 的訊息透過FluentD 提取出來
在紀錄中 增加 trace ID
設入 MongoDB , 及加入 Slack 通知

延伸閱讀

FluentD 參數說明
FluentD 實作 Nginx Access Log
FluentD 實作 Nginx Access Log 補充

log4net


<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <log4net>
    <appender name="All" type="log4net.Appender.RollingFileAppender">
      <file value="/var/log/my.log" />
      <appendToFile value="true" />
      <rollingStyle value="Size" />
      <datePattern value="yyyy-MM-dd" />
      <maximumFileSize value="5MB" />
      <maxSizeRollBackups value="10" />
      <staticLogFileName value="true" />
      <PreserveLogFileNameExtension value="true" />
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="[%date] [%thread] %level %logger - %message%newline" />
      </layout>
    </appender>
    <root>
      <appender-ref ref="All" />
    </root>
  </log4net>
</configuration>

Dockerfile


FROM fluent/fluentd:v1.8.1-1.0

# Use root account to use apk
USER root

# below RUN includes plugin as examples elasticsearch is not required
# you may customize including plugins as you wish
RUN apk add --no-cache --update --virtual .build-deps \
        sudo build-base ruby-dev \
     && sudo gem install fluent-plugin-mongo \
     && sudo gem install fluent-plugin-add-uuid \
     && sudo gem install fluent-plugin-slack \
     && sudo gem sources --clear-all \
     && apk del .build-deps \
     && rm -rf /home/fluent/.gem/ruby/2.5.0/cache/*.gem

VOLUME ["/fluentd/etc","/fluentd/log","/var/log"]

fluent.conf


<source>
    @type tail
    path /var/log/my.log
    pos_file /var/log/td-agent/my.log4net.log.pos
    tag log4net.web
    multiline_flush_interval 10s
    #format /^\[(?<logdt>[^\]]*)\] \[(?<thread>[^ ]*)\] (?<level>[^ ]*) (?<logger>[^ ]*) - (?<message>[^*]*)?$/
    <parse>
      @type multiline
      format_firstline  /\[\d{4}-\d{1,2}-\d{1,2}/
      format1 /^\[(?<logdt>[^\]]*)\] \[(?<thread>[^ ]*)\] (?<level>[^ ]*) (?<logger>[^ ]*) - (?<message>.*)/
    </parse>
  </source>
  <filter log4net.web>
    @type grep
    <regexp>
      key level
      pattern /ERROR/
    </regexp>
  </filter>
  <filter log4net.web>
    @type adduuid
    key _uuid
  </filter>
  <match log4net.web>
    @type copy
    <store>
      @type mongo
      略...
    </store>
    <store>
      @type slack
      token xoxb-${sleck bot token}
      username fluentd-dev
      webhook_url https://hooks.slack.com/services/${hook path}
      title %s
      title_keys tag
      message %s %s
      message_keys logdt,_uuid
    </store>
  </match>
</worker>

標籤

標籤:

留言

張貼留言

這個網誌中的熱門文章

Grafana Dashboard 建立

建立自己的 Dashboard # 由於 intelligent sense 相當不錯,輸入關鍵字他會帶出 metric label # 另外可參考 https://prometheus.io/docs/prometheus/latest/querying/basics/ Prometheus Query # 或是直接拿其他已建立的Dashboard 可複製到新的 Dashboard ex: node_memory_MemTotal_bytes # 取伺服器記憶體容量資料 # 過濾條件在{}加入 ex: node_memory_MemTotal_bytes{instance="${server 1}:9100"} # 要取特定伺服器資料 # Setting 中設定 Variables ex: node_memory_MemTotal_bytes{instance=~"$node"} # 變數名稱 node 建立 Alert .Visualization 必須是Graph
張貼留言
閱讀完整內容

FluentD 參數說明

FluentD 高效、統一的日誌收集器 延伸閱讀 FluentD 實作 Nginx Access Log FluentD 實作 Nginx Access Log 補充 FluentD 安裝 Dockerfile FROM fluent/fluentd:v1.8.1-1.0 # Use root account to use apk USER root # below RUN includes plugin as examples elasticsearch is not required # you may customize including plugins as you wish RUN apk add --no-cache --update --virtual .build-deps \ sudo build-base ruby-dev \ && apk add mariadb-dev \ && sudo gem install fluent-plugin-elasticsearch \ && sudo gem install fluent-plugin-mongo \ && sudo gem install fluent-plugin-sql \ && sudo gem install mysql2 -v 0.5.2 \ && sudo gem sources --clear-all \ && apk del .build-deps \ && rm -rf /home/fluent/.gem/ruby/2.5.0/cache/*.gem VOLUME ["/fluentd/etc","/fluentd/log","/var/log"] docker-compose.yml version: '3' services: fluentd: build: context: . dockerfile: ./Dockerfile image: my/flue...
張貼留言
閱讀完整內容