Skip to content

[aws custom logs] Updating file selector field to receive mutline configurations#10789

Merged
gizas merged 2 commits intomainfrom
aws_filedescriptor
Aug 27, 2024
Merged

[aws custom logs] Updating file selector field to receive mutline configurations#10789
gizas merged 2 commits intomainfrom
aws_filedescriptor

Conversation

@gizas
Copy link
Copy Markdown
Contributor

@gizas gizas commented Aug 14, 2024

  • Enhancement

Proposed commit message

WHAT: Update the file selector field of Collect Logs from S3 Bucket datastream to be able to receive multiline configurations
WHY: It is needed in order to be able to provide specific parsers confguration to specific file selectors. Otherwise the parsers is not applied to the files selected

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

  1. Clone this PR
  2. Navigate to /integrations/packages/aws_logs
  3. Run elastic-package build
  4. Run elastic-package stack up -d -v --version=8.15.0 within the same folder. This will create a local elastic stack
  5. Create an agent policy with aws_custom_logs integration
  6. In the policy enable Collect Logs from S3 Bucket datastream
  7. Under the advanced options update File Selectors field
- regex: .*windows-events-.*
  parsers:
    - multiline:
        pattern: ^[0-9]{4}-[0-9]{2}-[0-9]
        negate:  true
        match:   after
  1. Update the credentials to connect to an s3 bucket
    9 Upload a multiline file to your s3 bucket aws s3 cp test.log s3://gizas-se-test2/windows-events-5.log

Related issues

Screenshots

Screenshot 2024-08-14 at 12 32 29 PM

@gizas gizas requested a review from a team as a code owner August 14, 2024 09:42
@gizas gizas requested review from kaiyan-sheng and zmoog August 14, 2024 09:44
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Aug 14, 2024

💚 Build Succeeded

@elastic-sonarqube
Copy link
Copy Markdown

elastic-sonarqube bot commented Aug 14, 2024

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@andrewkroh andrewkroh added Integration:aws_logs Custom AWS Logs Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services] enhancement New feature or request labels Aug 14, 2024
kaiyan-sheng
kaiyan-sheng approved these changes Aug 26, 2024
View reviewed changes
Copy link
Copy Markdown

@kaiyan-sheng kaiyan-sheng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fix! I think aws_bedrock also has the multi:true configuration. @agithomas it might worth some investigation there.

@gizas gizas merged commit ddbe733 into main Aug 27, 2024
@gizas gizas deleted the aws_filedescriptor branch August 27, 2024 06:59
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Aug 27, 2024

Package aws_logs - 1.4.0 containing this change is available at https://epr.elastic.co/search?package=aws_logs

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
@gizas
[aws custom logs] Updating file selector field to receive mutline con…
6f85215 
…figurations (elastic#10789)

* udpating file selector field to be mutliline

* udpating cahngelog
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
@gizas
[aws custom logs] Updating file selector field to receive mutline con…
9e5b2ef 
…figurations (elastic#10789)

* udpating file selector field to be mutliline

* udpating cahngelog
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zmoog zmoog Awaiting requested review from zmoog

1 more reviewer

@kaiyan-sheng kaiyan-sheng kaiyan-sheng approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

enhancement New feature or request Integration:aws_logs Custom AWS Logs Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@gizas @elasticmachine @kaiyan-sheng @andrewkroh