commit ca4d9bc17ec86512b7960035410d6507bbf68360
author Roman Lubianyi <rlubianyi@mirantis.com> Fri May 22 13:16:32 2020 +0300
committer rlubianyi <rlubianyi@mirantis.com> Thu May 28 16:11:39 2020 +0000
tree ac4100bf9d0ec6f5c147851a04ba37b9a3c6b197
parent 66c1159c8a8f89f781551ebf9735e9b4cbc7d789

Fix fluentd log parsing issue for rabbitmq-server version 3.8 and above

PROD-35362

Change-Id: I8e2635a7bda9845c490e8375768b34492d56f2b4

rabbitmq/meta/fluentd.yml

diff --git a/rabbitmq/meta/fluentd.yml b/rabbitmq/meta/fluentd.yml
index 823921e..9aaa346 100644
--- a/rabbitmq/meta/fluentd.yml
+++ b/rabbitmq/meta/fluentd.yml
@@ -1,8 +1,25 @@
 {%- if pillar.get('fluentd', {}).get('agent', {}).get('enabled', False) %}
+  {%- set rmq_version = salt['pkg.version']('rabbitmq-server') %}
 agent:
   config:
     label:
       rabbitmq:
+  {%- if salt['pkg.version_cmp'](rmq_version,'3.8') >= 0 %}
+        input:
+          tail_rabbitmq:
+            type: tail
+            tag: rabbitmq
+            path: /var/log/rabbitmq/rabbit*.log
+            pos_file: {{ pillar.fluentd.agent.dir.positiondb }}/rabbitmq.pos
+            parser:
+              type: multiline
+              time_key: Timestamp
+              time_format: '%Y-%m-%d %H:%M:%S.%N'
+              keep_time_key: false
+              # Log format https://regex101.com/r/BINifG/1
+              format_firstline: '/[0-9]{4}-[0-9]{2}-[0-9]{2}\s[0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}/'
+              format: '/^(?<Timestamp>[0-9]{4}-[0-9]{2}-[0-9]{2}\s[0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3})\s+\[(?<orig_severity_label>[a-z]+)\]\s+(?<Payload>.*)/'
+  {%- else %}
         input:
           tail_rabbitmq:
             type: tail
@@ -16,6 +33,7 @@
               keep_time_key: false
               format_firstline: '/=[A-Z]+\sREPORT====/'
               format: '/^=(?<orig_severity_label>[A-Z]+)\sREPORT====\s(?<Timestamp>.*)\s===\n(?<Payload>.*)/'
+  {%- endif %}
         filter:
           match_severity:
             type: record_transformer
@@ -26,9 +44,9 @@
               - name: programname
                 value: rabbitmq
               - name: severity_label
-                value: ${ {'INFO'=>'INFO','NOTICE'=>'NOTICE','SUPERVISOR'=>'NOTICE','WARNING'=>'WARNING','ERROR'=>'ERROR','CRASH'=>'CRITICAL'}[record['orig_severity_label']] }
+                value: ${ {'INFO'=>'INFO','NOTICE'=>'NOTICE','SUPERVISOR'=>'NOTICE','WARNING'=>'WARNING','ERROR'=>'ERROR','CRASH'=>'CRITICAL','CRITICAL'=>'CRITICAL'}[record['orig_severity_label'].upcase] }
               - name: Severity
-                value: ${ {'INFO'=>6,'NOTICE'=>5,'SUPERVISOR'=>5,'WARNING'=>4,'ERROR'=>3,'CRASH'=>2}[record['orig_severity_label']].to_i }
+                value: ${ {'INFO'=>6,'NOTICE'=>5,'SUPERVISOR'=>5,'WARNING'=>4,'ERROR'=>3,'CRASH'=>2,'CRITICAL'=>2}[record['orig_severity_label'].upcase].to_i }
         match:
           push_to_default:
             tag: rabbitmq