Service entity overview only shows logs that have log.level present.
#189923
Comments
smith
added
bug
|
Pinging @elastic/obs-ux-infra_services-team (Team:obs-ux-infra_services) |
|
This would be a good discussion. The goal with the 'log rate' and the log 'error rate' was to give the user an indication of throughput/traffic vs errors so figuring out how to try and present these metrics to the user in a consistent way between APM and logs-only services would be valuable. Keen to hear people's thoughts. I'd also like to see what we have running in practice with some customers if possible (or at the least, present to them and ask for their thoughts on the experience). |
|
@smith @iblancof @cauemarcondes After a few calls this week with customers, the consensus is that:
Proposed ChangesLog Rate : Any thoughts/opinions? I'd love to make these changes in the service inventory and the service views as part of the current milestone for services if possible. |
|
Hi @roshan-elastic, I already added the spec in [APM][Services]Change log charts from Log Error % to Log Error Rate on overview #190987. Regarding the service inventory column change I just created #191253, feel free to move it under a public epic or milestone if needed! ℹ️ I mistakenly created the issue in the private repo, but I've already closed it. |
|
Wkd @iblancof Do you think we could create an issue to change the log rate to remove the need for |
|
Also, do we think we should change these on the service inventory in the same issue or should we break these out into separate issues? |
|
Hi @roshan-elastic, In summary, we want the Log Rate for both the inventory and the overview charts to not require having the log.level field populated as mandatory. As for creating a separate issue for the service inventory and the overview charts, I think we can handle both things within this same issue we're discussing in, right? My question is about the priority. Since we're focused on the adaptive view, when should we tackle this? Should it be part of the epic? If so, we should include it to clarify priorities and ensure everything is delivered together, even though the scope is different. |
|
Hey @iblancof
Correct!
Could we do this after we've finished the service view? Goal is that when customers see these new adaptive views - we have consistent log metrics in both the service inventory and the service view. |
|
Going to add this issue as related to the Epic so we make sure we don' t forget about it. |
|
The action here is not removing the
Like the suggested changes is still relying on the log.level field. |
|
Hey @cauemarcondes, Just to play back my understanding of the issue: Log Rate
This one wouldn't need Log Error Rate
This one would need either Make sense? |
|
Yes, that makes sense. Now I'm reading the comments again and I got what you meant. Sorry for the noise. |
|
All good @cauemarcondes. Sorry, this whole thing has been a bit noisy because we're updating these based on user feedback we've only just received in the last week or so. |
|
@roshan-elastic We should also change the EEM data transforms as they also expect the |
|
One issue is that an unfiltered |
|
Hey @klacabane - would it include all of them if we specified to only match those from It's OK if they're APM logs writing to |
@roshan-elastic Yes, I think we have these options:
I think option 2 would give the most accurate results |
|
Cheers @klacabane. I think we should make this as simple as possible for users to comprehend so I'm not sure about adding in exclusions vs specifying a simple inclusion. As a user, I'm thinking that this metric would be calculated in the same way as this lens visualisation: Filtering for logs Are we able to replicate this logic? cc @iblancof as we'll want the same logic for showing the counts that we use in the service views |
|
Thanks for sharing @roshan-elastic . The Log Error Rate is being handled like this in this PR. |
|
@klacabane should we create a ticket to update the Happy to make the changes if you can provide the best approach to filter out the logs. |
|
@kpatticha please feel free to update the definition. As for the best way to get the logRate I listed different approaches and I think both 1 and 2 should provide the results you're looking for but I didn't test that |
|
Fixed by #191962. |
|
Hey @smith, as I mentioned in this comment, I don't believe this issue is resolved by PR #191962. PR #191962 focuses on modifying the Log Error Rate chart and formula, while this issue is about ensuring that Logs are not filtered by |
|
@iblancof is right. I'm assigning this to myself to update the entity definition and the query accordingly |
|
I'm also removing the N/A badge when the
FYI @roshan-elastic |
Sorry I missed that @iblancof. Thanks for looking! |
…lastic#192500) ## Summary closes elastic#189923 - EEM: remove `log.level` filter and filter based on `data_stream.type: logs` - log-data-access: remove `log.level` filter - ECO: Update the formula and Explore log filter and remove the N/A badge https://github.com/user-attachments/assets/9b190ba7-c28b-44cf-bb0b-6dbdfe47ced4 --------- Co-authored-by: kibanamachine <[email protected]> (cherry picked from commit 48bbdd8)
…tric collection (#192500) (#192854) # Backport This will backport the following commits from `main` to `8.x`: - [[APM][ECO] Remove `log.level` filter from log rate metric collection (#192500)](#192500) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Katerina","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-09-13T12:05:51Z","message":"[APM][ECO] Remove `log.level` filter from log rate metric collection (#192500)\n\n## Summary\r\n\r\ncloses #189923 \r\n\r\n- EEM: remove `log.level` filter and filter based on `data_stream.type:\r\nlogs`\r\n- log-data-access: remove `log.level` filter\r\n- ECO: Update the formula and Explore log filter and remove the N/A\r\nbadge\r\n\r\n\r\nhttps://github.com/user-attachments/assets/9b190ba7-c28b-44cf-bb0b-6dbdfe47ced4\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"48bbdd8a576522881e1af452cfaca8e529c258fa","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","ci:project-deploy-observability","Team:obs-ux-infra_services","v8.16.0"],"title":"[APM][ECO] Remove `log.level` filter from log rate metric collection","number":192500,"url":"https://github.com/elastic/kibana/pull/192500","mergeCommit":{"message":"[APM][ECO] Remove `log.level` filter from log rate metric collection (#192500)\n\n## Summary\r\n\r\ncloses #189923 \r\n\r\n- EEM: remove `log.level` filter and filter based on `data_stream.type:\r\nlogs`\r\n- log-data-access: remove `log.level` filter\r\n- ECO: Update the formula and Explore log filter and remove the N/A\r\nbadge\r\n\r\n\r\nhttps://github.com/user-attachments/assets/9b190ba7-c28b-44cf-bb0b-6dbdfe47ced4\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"48bbdd8a576522881e1af452cfaca8e529c258fa"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/192500","number":192500,"mergeCommit":{"message":"[APM][ECO] Remove `log.level` filter from log rate metric collection (#192500)\n\n## Summary\r\n\r\ncloses #189923 \r\n\r\n- EEM: remove `log.level` filter and filter based on `data_stream.type:\r\nlogs`\r\n- log-data-access: remove `log.level` filter\r\n- ECO: Update the formula and Explore log filter and remove the N/A\r\nbadge\r\n\r\n\r\nhttps://github.com/user-attachments/assets/9b190ba7-c28b-44cf-bb0b-6dbdfe47ced4\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"48bbdd8a576522881e1af452cfaca8e529c258fa"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Katerina <[email protected]>
#189389 specifies that we should hide logs that don't have a
log.levelattribute:log.levelis not marked as a required field in the Elastic Common Schema Log Fields specification.log.levelis also not present in OpenTelemetry logs unless the field is added in the collector.If we have a reason to filter out logs from APM errors (I'm not sure we do, other than "noise") we should explicitly filter out APM errors instead of requiring an arbitrary that happens to match.
✔️ Acceptance criteria
log.level.The text was updated successfully, but these errors were encountered: