Log to Metrics
Generate metrics from logs
Last updated
Was this helpful?
Generate metrics from logs
Last updated
Was this helpful?
The log to metrics filter lets you generate log-derived metrics. It supports modes to count records, provide a guage for field values, or create a histogram. You can also match or exclude specific records based on regular expression patterns for values or nested values.
This filter does not actually act as a record filter and therefore does not change or drop records. All records will pass through this filter untouched, and any generated metrics will be emitted into a separate metric pipeline.
This filter is an experimental feature and is not recommended for production use. Configuration parameters and other capabilities are subject to change without notice.
The plugin supports the following configuration parameters:
tag
Required. Defines the tag for the generated metrics record.
metric_mode
Required. Defines the mode for the metric. Valid values are counter, gauge or histogram.
metric_name
Required. Sets the name of the metric.
metric_description
Required. Sets a description for the metric.
bucket
Required for mode histogram. Defines a bucket for histograms.
For example, 0.75
add_label
Adds a custom label NAME and set the value to the value of KEY.
label_field
Includes a record field as label dimension in the metric.
value_field
Required for modes gauge and histogram. Specifies the record field that holds a numerical value.
kubernetes_mode
Regex
Includes records in which the content of KEY matches the regular expression.
KEY REGEX
Exclude
Excludes records in which the content of KEY matches the regular expression.
KEY REGEX
Flush_Interval_Sec
The interval for metrics emission, in seconds. If Flush_Interval_Sec and Flush_Interval_Nsec are either both unset or both set to 0, the filter emits metrics immediately after each filter match. Otherwise, if either parameter is set to a non-zero value, the filter emits metrics at the specified interval. Longer intervals help lower resource consumption in high-load situations. Default value: 0.
Flush_Interval_Nsec
The interval for metrics emission, in nanoseconds. This parameter works in conjunction with Flush_Interval_Sec. Default value: 0.
The following example takes records from two dummy inputs and counts all messages that pass through the log_to_metrics filter. It then generate metric records, which are provided to the prometheus_exporter output:
You can then use a tool like curl to retrieve the generated metric:
The gauge mode needs a value_field to specify where to generate the metric values from. This example also applies a regex filter and enables the kubernetes_mode option:
You can then use a tool like curl to retrieve the generated metric:
In the resulting output, only one line is printed. Records from the first input plugin are ignored because they don't match the regular expression.
If you execute the example curl command multiple times, the example metric value remains at 60 because the messages generated by the Dummy plugin don't change. In a real-world scenario, the values would change and return to the last processed value.
label_valuesThe label sets defined by add_label and label_field are added to the metric. The lines in the metric represent every combination of labels. Only combinations that are actualy used are displayed here. To see this, you can add a dummy input to your configuration.
The metric output would then look like:
You can also see that all Kubernetes labels have been attached to the metric accordingly.
Similar to the gauge mode, the histogram mode needs a value_field to specify where to generate the metric values from. This example also applies a regex filter and enables the kubernetes_mode option:
You can then use a tool like curl to retrieve the generated metric:
In the resulting output, there are several buckets by default: 0.005, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1.0, 2.5, 5.0, 10.0 and +Inf. Values are sorted into these buckets. A sum and a counter are also part of this metric. You can specify own buckets in the configuration, like in the following example:
This filter also attaches Kubernetes labels to each metric, identical to the behavior of label_field. This results in two sets for the histogram.
Name of record key. Supports notation for nested fields.
Name of record key. Supports notation for nested fields.
If enabled, adds pod_id, pod_name, namespace_name, docker_id and container_name to the metric as labels. This option is intended to be used in combination with the filter plugin, which fills those fields.
This filter also lets you use multiple rules, which are applied in order. You can have as many regex and exclude entries as required (see filter plugin).
