History

kongfei 886b7a0cab reorganize pkg/util		2022-06-02 21:13:30 +08:00
..
auditor	reorganize log pkg	2022-06-02 19:55:13 +08:00
client	reorganize pkg/util	2022-06-02 21:13:30 +08:00
decoder	reorganize log pkg	2022-06-02 19:55:13 +08:00
diagnostic	reorganize log pkg	2022-06-02 19:55:13 +08:00
input	reorganize pkg/util	2022-06-02 21:13:30 +08:00
message	reorganize log pkg	2022-06-02 19:55:13 +08:00
parser	reorganize log pkg	2022-06-02 19:55:13 +08:00
pb	reorganize log pkg	2022-06-02 19:55:13 +08:00
pipeline	reorganize log pkg	2022-06-02 19:55:13 +08:00
processor	reorganize log pkg	2022-06-02 19:55:13 +08:00
restart	reorganize log pkg	2022-06-02 19:55:13 +08:00
sender	reorganize log pkg	2022-06-02 19:55:13 +08:00
service	reorganize log pkg	2022-06-02 19:55:13 +08:00
status	reorganize log pkg	2022-06-02 19:55:13 +08:00
tag	reorganize log pkg	2022-06-02 19:55:13 +08:00
README.md	reorganize log pkg	2022-06-02 19:55:13 +08:00

README.md

logs-agent

logs-agent collects logs and submits them to datadog's infrastructure.

Structure

logs reads the config files, and instantiates what's needed. Each log line comes from a source (e.g. file, network, docker), and then enters one of the available pipeline - tailer|listener|container -> decoder -> processor -> sender -> auditor

Tailer tails a file and submits data to the processors

Listener listens on local network (TCP, UDP, Unix) and submits data to the processors

Container scans docker logs from stdout/stderr and submits data to the processors

Decoder converts bytes arrays into messages

Processor updates the messages, filtering, redacting or adding metadata, and submits to the forwarder

Sender submits the messages to the intake, and notifies the auditor

Auditor notes that messages were properly submitted, stores offsets for agent restarts

Tests

# Run the unit tests
inv test --targets=./pkg/logs --timeout=10