Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
- OpenSearch 2.5.0
- Data Prepper 2.1.0-SNAPSHOT (docker image built from Git main branch to test new
otel_logs_source
plugin)
Describe the issue:
I am using Data-Prepper with otel_logs_source
plugin for OTLP logs sent from an otel collector.
I created an index pattern, indicated the time
field and if I go to Discover the logs are already appearing in OpenSearch.
Now I want to use it in the Observability plugin.
For this I created in the Observability Dashboard plugin → Application Analytics → Create Application and in the Log Source field source = otel-v1-metrics-2023.05
But when I go to the “Logs Events” tab, a pop-up appears saying that “Index does not contain a valid time field.”
However, if I go to the index pattern, the time field exists:
And if I go to Discovery I can query the logs in this index showing the timestamp:
So I don’t understand what is going on in the Observability plugin. Any ideas if am I doing something wrong?
Configuration:
pipelines.yaml:
entry-pipeline:
delay: "100"
source:
otel_trace_source:
port: 21890
ssl: false
sink:
- pipeline:
name: "raw-pipeline"
- pipeline:
name: "service-map-pipeline"
raw-pipeline:
source:
pipeline:
name: "entry-pipeline"
processor:
- otel_trace_raw:
sink:
- opensearch:
hosts: [ "https://opensearch-node1:9200" ]
insecure: true
username: "admin"
password: "admin"
index_type: trace-analytics-raw
service-map-pipeline:
delay: "100"
source:
pipeline:
name: "entry-pipeline"
processor:
- service_map_stateful:
sink:
- opensearch:
hosts: ["https://opensearch-node1:9200"]
insecure: true
username: "admin"
password: "admin"
index_type: trace-analytics-service-map
otel-logs-pipeline:
workers: 1
delay: "100"
buffer:
bounded_blocking:
buffer_size: 512
batch_size: 64
source:
otel_logs_source:
port: 21892
ssl: false
authentication:
unauthenticated:
sink:
- opensearch:
hosts: ["https://opensearch-node1:9200"]
insecure: true
username: "admin"
password: "admin"
bulk_size: 10
index_type: custom
index: otel-v1-logs-%{YYYY.ww}
number_of_replicas: 0
otel-metrics-pipeline:
source:
otel_metrics_source:
port: 21891
ssl: false
authentication:
unauthenticated:
processor:
- otel_metrics_raw_processor:
sink:
- opensearch:
hosts: ["https://opensearch-node1:9200"]
insecure: true
username: "admin"
password: "admin"
bulk_size: 10
index_type: custom
index: otel-v1-metrics-%{YYYY.ww}
number_of_replicas: 0
otel-collector-config.yaml:
receivers:
# Data sources: traces, metrics, logs
otlp:
protocols:
grpc:
endpoint: 0.0.0.0:4317
http:
endpoint: 0.0.0.0:4318
# Data sources: metrics
prometheus:
config:
scrape_configs:
- job_name: "my-service"
scrape_interval: 5s
static_configs:
- targets:
- host.docker.internal:30000
processors:
batch:
send_batch_size: 10000
send_batch_max_size: 11000
timeout: 10s
exporters:
logging:
logLevel: DEBUG
#verbosity: detailed
otlp/data-prepper-traces:
endpoint: data-prepper:21890
tls:
insecure: true
insecure_skip_verify: true
otlp/data-prepper-metrics:
endpoint: data-prepper:21891
tls:
insecure: true
insecure_skip_verify: true
otlp/data-prepper-logs:
endpoint: data-prepper:21892
tls:
insecure: true
insecure_skip_verify: true
service:
pipelines:
traces:
receivers: [otlp]
processors: [batch]
exporters: [otlp/data-prepper-traces]
metrics:
receivers: [prometheus]
processors: [batch]
exporters: [otlp/data-prepper-metrics]
logs:
receivers: [otlp]
processors: [batch]
exporters: [otlp/data-prepper-logs]
Relevant Logs or Screenshots: