Skip to content

Fixed Grok patterns in apache tomcat integration #9243

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Mar 12, 2024
Merged

Fixed Grok patterns in apache tomcat integration #9243

merged 13 commits into from
Mar 12, 2024

Conversation

Alphayeeeet
Copy link
Contributor

@Alphayeeeet Alphayeeeet commented Feb 26, 2024
edited
Loading

Proposed commit message

Access: When parsing for example a 302 request, the response-bytes are "-" and therefore, the grok processor throwed an error. This should now be fixed.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

@Alphayeeeet
Fixed ingest errors on non content serving requests
eac872a 
When parsing for example a 302 request, the response-bytes are "-" and therefore, the grok processor throwed an error. This should now be fixed.
@Alphayeeeet
Merge pull request #1 from Alphayeeeet/Alphayeeeet-fix-tomcat-grok
1a4147a 
Fixed ingest errors on non content serving requests
@Alphayeeeet Alphayeeeet requested a review from a team as a code owner February 26, 2024 17:25
@cla-checker-service CLA Checker Service
Copy link

cla-checker-service bot commented Feb 26, 2024
edited
Loading

💚 CLA has been signed

@Alphayeeeet Alphayeeeet marked this pull request as draft February 27, 2024 07:25
@Alphayeeeet Alphayeeeet changed the title Tolerate empty response bytes in apache tomcat access logs Fixed Grok patterns in apache tomcat integration Feb 27, 2024
@Alphayeeeet Alphayeeeet marked this pull request as ready for review February 27, 2024 07:41
muthu-mps
muthu-mps reviewed Mar 8, 2024
View reviewed changes
@muthu-mps
Copy link
Contributor

  • Can you update the manifest.yml file with the latest changelog version.
  • Include the sample log format for 302 error in the _dev/test/pipeline/test-access.log file and re-generate the expected json file.

@Alphayeeeet
Copy link
Contributor Author

Alphayeeeet commented Mar 8, 2024
edited
Loading

done @muthu-mps

@Alphayeeeet Alphayeeeet requested a review from muthu-mps March 10, 2024 14:16
muthu-mps
muthu-mps approved these changes Mar 11, 2024
View reviewed changes
Copy link
Contributor

@muthu-mps muthu-mps left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@muthu-mps
Copy link
Contributor

/test

@muthu-mps
Copy link
Contributor

@Alphayeeeet -

  • Can you check the pipeline test execution is successful?
    elastic-package test pipeline
  • If it fails then generate the sample document by running elastic-package test pipeline -g and commit the changes.

@Alphayeeeet
Copy link
Contributor Author

Alphayeeeet commented Mar 11, 2024
edited
Loading

@muthu-mps done. The problem was, that a non 2XX status code do not give event.outcome as success.

I am just not sure why the pipeline does'nt report event.outcome as non-successful on 1XX or 3XX status code response. In my opinion this behaviour should be changed too, so just >=400 is event.outcome failure.

@muthu-mps
Copy link
Contributor

@muthu-mps done. The problem was, that a non 2XX status code does not give event.outcome as success.

I am just not sure why the pipeline does'nt report event.outcome as non-successful on 1XX or 3XX status code response. In my opinion this behaviour should be changed too, so just <=400 is event.outcome failure.

Thanks for catching the event.outcome parsing issue. We will update the processor to fix this.

@muthu-mps
Copy link
Contributor

/test

@elasticmachine
Copy link

🚀 Benchmarks report

Package apache_tomcat 👍(6) 💚(2) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
memory 29411.76 18867.92 -10543.84 (-35.85%) 💔

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link

💚 Build Succeeded

History

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
100.0% 100.0% Coverage on New Code
0.0% 0.0% Duplication on New Code

See analysis details on SonarQube

@muthu-mps muthu-mps merged commit dffe131 into elastic:main Mar 12, 2024
@elasticmachine
Copy link

Package apache_tomcat - 1.3.2 containing this change is available at https://epr.elastic.co/search?package=apache_tomcat

gizas pushed a commit that referenced this pull request Mar 13, 2024
@Alphayeeeet @muthu-mps @gizas
Fixed Grok patterns in apache tomcat integration (#9243)
6cec9af 
When parsing for example a 302 request, the response-bytes are "-" and therefore, the grok processor threw an error. This should now be fixed.

---------

Co-authored-by: muthu-mps <101238137+muthu-mps@users.noreply.github.com>
qcorporation pushed a commit that referenced this pull request Feb 3, 2025
@Alphayeeeet @muthu-mps @gizas
Fixed Grok patterns in apache tomcat integration (#9243)
165e7f1 
When parsing for example a 302 request, the response-bytes are "-" and therefore, the grok processor threw an error. This should now be fixed.

---------

Co-authored-by: muthu-mps <101238137+muthu-mps@users.noreply.github.com>
qcorporation pushed a commit that referenced this pull request Feb 4, 2025
@Alphayeeeet @muthu-mps @gizas
Fixed Grok patterns in apache tomcat integration (#9243)
bf300de 
When parsing for example a 302 request, the response-bytes are "-" and therefore, the grok processor threw an error. This should now be fixed.

---------

Co-authored-by: muthu-mps <101238137+muthu-mps@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@muthu-mps muthu-mps muthu-mps approved these changes

Assignees
No one assigned
Labels
Integration:apache_tomcat Apache Tomcat
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Alphayeeeet @muthu-mps @elasticmachine @andrewkroh