|
| 1 | +// Module included in the following assemblies: |
| 2 | +// |
| 3 | +// * observability/otel/otel-sending-traces-logs-and-metrics-to-otel-collector.adoc |
| 4 | + |
| 5 | +:_mod-docs-content-type: PROCEDURE |
| 6 | +[id="collecting-container-logs-with-filelog-sidecar_{context}"] |
| 7 | += Collecting container logs with the Filelog Receiver and sidecar injection |
| 8 | + |
| 9 | +[role="_abstract"] |
| 10 | +To collect logs from application containers, you can use the Filelog Receiver with sidecar injection. This approach is useful when your application writes logs to files within the container filesystem. |
| 11 | + |
| 12 | +.Prerequisites |
| 13 | + |
| 14 | +* You have access to the cluster as a cluster administrator with the `cluster-admin` role. |
| 15 | +
|
| 16 | +The {OTELOperator} allows injecting an OpenTelemetry Collector as a sidecar container into a application pod. To access the generated files, both pods require a shared volume for the application container and the sidecar Collector. The Filelog Receiver can then tail log files and apply Operators to parse and transform the logs. |
| 17 | + |
| 18 | +.Procedure |
| 19 | + |
| 20 | +. Create an OpenTelemetry Collector instance configured with the filelog Receiver in sidecar mode. Ensure a matching `volumeMounts` entry is set to grant the sidecar access to your targeted files. |
| 21 | ++ |
| 22 | +[source,yaml] |
| 23 | +---- |
| 24 | +apiVersion: opentelemetry.io/v1beta1 |
| 25 | +kind: OpenTelemetryCollector |
| 26 | +metadata: |
| 27 | + name: filelog |
| 28 | + namespace: otel-logging |
| 29 | +spec: |
| 30 | + mode: sidecar |
| 31 | + volumeMounts: # <1> |
| 32 | + - name: logs |
| 33 | + mountPath: /var/log/app |
| 34 | + config: |
| 35 | + receivers: |
| 36 | + filelog: |
| 37 | + include: # <2> |
| 38 | + - /var/log/app/*.log |
| 39 | + operators: |
| 40 | + - type: regex_parser |
| 41 | + regex: '^(?P<timestamp>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \[(?P<level>\w+)\] (?P<message>.*)$' |
| 42 | + timestamp: |
| 43 | + parse_from: attributes.timestamp |
| 44 | + layout: '%Y-%m-%d %H:%M:%S' |
| 45 | + processors: {} |
| 46 | + exporters: |
| 47 | + debug: |
| 48 | + verbosity: detailed |
| 49 | + service: |
| 50 | + pipelines: |
| 51 | + logs: |
| 52 | + receivers: [filelog] |
| 53 | + processors: [] |
| 54 | + exporters: [debug] |
| 55 | +---- |
| 56 | +<1> Defines the volume mount that the sidecar collector will use to access the log files. This volume must match the volume name defined in the application deployment. |
| 57 | +<2> Specifies file glob patterns for matching the log files to tail. The Filelog Receiver watches these paths for new log entries. |
| 58 | ++ |
| 59 | +[IMPORTANT] |
| 60 | +==== |
| 61 | +The `volumeMounts` field in the `OpenTelemetryCollector` custom resource is critical for the sidecar to access log files. The volume specified here must be defined in the application's `Deployment` or `Pod` specification, and both the application container and the sidecar collector must mount the same volume. |
| 62 | +==== |
| 63 | + |
| 64 | +[role="_additional-resources"] |
| 65 | +.Additional resources |
| 66 | +* xref:../../../observability/otel/otel-collector/otel-collector-receivers.adoc#filelog-receiver_otel-collector-receivers[Filelog Receiver] |
| 67 | +* xref:../../../observability/otel/otel-collector/otel-collector-receivers.adoc#otel-collector-receivers[Receivers] |
0 commit comments