OpenTelemetry Bot d680729c09 [chore] Prepare release 0.90.0 (#29543) 1 жил өмнө
..
internal fe97648b4b [chore][receiver/udplog] created metadata (#21670) 1 жил өмнө
testdata fba49a57a5 [chore] update tests to bind to 127.0.0.1 instead of 0.0.0.0 (#15669) 2 жил өмнө
Makefile b3e2e06e15 Add udpreceiver (#3191) 3 жил өмнө
README.md 875225e80d [chore] mark a few additional components as part of the Splunk distro (#29342) 1 жил өмнө
doc.go 5133f4ccd6 [chore] use license shortform (#22052) 1 жил өмнө
go.mod d680729c09 [chore] Prepare release 0.90.0 (#29543) 1 жил өмнө
go.sum 40b485f08a Update core for v0.90.0 release (#29539) 1 жил өмнө
metadata.yaml 875225e80d [chore] mark a few additional components as part of the Splunk distro (#29342) 1 жил өмнө
udp.go 5133f4ccd6 [chore] use license shortform (#22052) 1 жил өмнө
udp_test.go c2f343b392 UDP input operator - async mode - separate between readers & processors (#27805) 1 жил өмнө

README.md

UDP Receiver

Status
Stability alpha: logs
Distributions contrib, observiq, splunk, sumo
Issues Open issues Closed issues
Code Owners @djaglowski

Receives logs over UDP.

Configuration Fields

Field Default Description
listen_address required A listen address of the form <ip>:<port>
attributes {} A map of key: value pairs to add to the entry's attributes
one_log_per_packet false Skip log tokenization, set to true if logs contains one log per record and multiline is not used. This will improve performance.
resource {} A map of key: value pairs to add to the entry's resource
add_attributes false Adds net.* attributes according to [semantic convention][https://github.com/open-telemetry/semantic-conventions/blob/cee22ec91448808ebcfa53df689c800c7171c9e1/docs/general/attributes.md#other-network-attributes]
multiline A multiline configuration block. See below for details
encoding utf-8 The encoding of the file being read. See the list of supported encodings below for available options
operators [] An array of operators. See below for more details
async nil An async configuration block. See below for details.

Operators

Each operator performs a simple responsibility, such as parsing a timestamp or JSON. Chain together operators to process logs into a desired format.

  • Every operator has a type.
  • Every operator can be given a unique id. If you use the same type of operator more than once in a pipeline, you must specify an id. Otherwise, the id defaults to the value of type.
  • Operators will output to the next operator in the pipeline. The last operator in the pipeline will emit from the receiver. Optionally, the output parameter can be used to specify the id of another operator to which logs will be passed directly.
  • Only parsers and general purpose operators should be used.

Parsers with Embedded Operations

Many parsers operators can be configured to embed certain followup operations such as timestamp and severity parsing. For more information, see complex parsers.

multiline configuration

If set, the multiline configuration block instructs the udplog receiver to split log entries on a pattern other than newlines.

note If multiline is not set at all, it wont't split log entries at all. Every UDP packet is going to be treated as log. note multiline detection works per UDP packet due to protocol limitations.

The multiline configuration block must contain exactly one of line_start_pattern or line_end_pattern. These are regex patterns that match either the beginning of a new log entry, or the end of a log entry.

The omit_pattern setting can be used to omit the start/end pattern from each entry.

Supported encodings

Key Description
nop No encoding validation. Treats the file as a stream of raw bytes
utf-8 UTF-8 encoding
utf-16le UTF-16 encoding with little-endian byte order
utf-16be UTF-16 encoding with little-endian byte order
ascii ASCII encoding
big5 The Big5 Chinese character encoding

Other less common encodings are supported on a best-effort basis. See https://www.iana.org/assignments/character-sets/character-sets.xhtml for other encodings available.

async configuration

If set, the async configuration block instructs the udp_input operator to read and process logs asynchronsouly and concurrently.

note If async is not set at all, a single thread will read lines synchronously.

Field Default Description
readers 1 Concurrency level - Determines how many go routines read from UDP port and push to channel (to be handled by processors).
processors 1 Concurrency level - Determines how many go routines read from channel (pushed by readers) and process logs before sending downstream.
max_queue_length 100 Determines max length of channel being used by async reader routines. When channel reaches max number, reader routine will block until channel has room.

Example Configurations

Simple

Configuration:

receivers:
  udplog:
    listen_address: "0.0.0.0:54525"