Only Keep Important Logs#
Controlling Observability costs is important.
In this scenario, only logs with a severity level of WARN or above (eg. Warning, Error or Fatal)
Up to now, we have been processing and rewriting log content as it flows through the collector.
scenario9.yaml shows the OpenTelemetry collector configuration to achieve this.
Stop Previous Collector#
If you haven't done so already, stop the previous collector process by pressing Ctrl + C.
Start Collector#
Run the following command to start the collector:
/workspaces/$RepositoryName/dynatrace-otel-collector --config=/workspaces/$RepositoryName/scenario9.yaml
Ordering matters
Notice the service.pipelines.logs.processors definition.
Unlike scenario 8, the logs are transformed first then filtered.
This is to ensure the logs have the correct severity level before a filtering decision is made.
processors: [resourcedetection, transform, filter, batch]
Generate Log Data#
Open file.log file and add these two lines then save the file.
My ninth dummy log line.
My tenth dummy log line. Please investigate - something is broken
Only 1 log line received
You should see only one of these lines in the collector & Dynatrace.
Both log lines have no explicit severity, but remember the collector rules create severities due to the transform processor.
- The first line:
My ninth dummy log line.will be mapped to anINFOevent. - The second line:
My tenth dummy log line. Please investigate - something is brokenwill be mapped to anERRORevent.
Due to the filter processor rules, the INFO line will be dropped and ONLY the ERROR log line will be sent to Dynatrace.
View Data in Dynatrace#
Tip
Right click and "open image in new tab" to see large image
fetch logs
| filter contains(content, "dummy log line")
Click the Run button again on the DQL tile. You should see the new data.
Congratulations! You can now surgically decide on which log lines to store.