Filter Processor

문서 > Observability Pipelines > Processors > Filter Processor

이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

이용 가능:

Logs | Metrics

Overview

This processor drops all logs or metrics () that do not match the specified filter query. If a log or metric is dropped, the data isn’t sent to any subsequent processors or destinations.

Setup

To set up the filter processor:

Define a filter query.
- Logs or metrics that match the query are sent to the next component.
- Logs or metrics that don’t match the query are dropped.

Filter query syntax

Each processor has a corresponding filter query in their fields. Processors only process logs or metrics that match their filter query.

The following are filter query examples:

NOT (status:debug): This filters for logs that do not have the status DEBUG.
status:ok service:flask-web-app: This filters for all logs with the status OK from your flask-web-app service.
- This query can also be written as: status:ok AND service:flask-web-app.
host:COMP-A9JNGYK OR host:COMP-J58KAS: This filter query only matches logs from the labeled hosts.
user.status:inactive: This filters for logs with the status inactive nested under the user attribute.
http.status:[200 TO 299] or http.status:{300 TO 399}: These two filters represent the syntax to query a range for http.status. Ranges can be used across any attribute.

Learn more about writing log filter queries in Log Search Syntax.

NOT system.cpu.user: This filters for metrics that do not have the field name:system.cpu.user.
system.cpu.user OR system.cpu.user.total: This filter query only matches metrics that have either name:system.cpu.user or name:system.cpu.user.total.
tags:(env\:prod OR env\:test): This filters for metrics with env:prod or env:test in tags.

Learn more about writing metrics filter queries in Metrics Search Syntax.

Filter Processor

Overview

Setup

Filter query syntax

Further reading