processor: add conditional processing support for logs #10142
Merged
+2,620
−17
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Do not strip $ prefix from field names when parsing conditions. This ensures that field names with $ prefix are correctly passed to the condition evaluator.
Convert all debug statements to trace level in the conditional evaluation code to reduce log noise while allowing detailed tracing when needed.
Add 'condition' to the list of special properties that are handled by the processor and bypass plugin-specific validation.
Convert all debug statements related to condition evaluation to trace level in the MessagePack processing code.
Add support for conditional filtering in MP chunk objects to allow processors to selectively process records that match a condition.
Add condition field to processor unit structure to support conditional processing of records based on their content.
Use the actual string size from the record accessor value instead of calling flb_sds_len() to prevent potential buffer overflows or crashes.
niedbalski
requested review from
edsiper,
leonardo-albertovich,
fujimotos and
koleini
as code owners
Change log messages about condition processing from info to debug level to reduce noise in the logs.
- Declare variables at the beginning of the function - Change for loop declarations to C89 style - Fix format specifier for uint64_t
Declare loop variables at the beginning of functions rather than within the for loops to ensure compatibility with C89 standard required for CentOS 7 builds.
Fixed memory leak in flb_processor_unit_set_condition when handling array values for the 'in' and 'not_in' operators. The issue was that the cleanup code relied on rule_val still pointing to the array when it might have been reassigned during the context check. Added a flag to track array allocations and fixed all test cleanup to properly free or ignore the condition based on ownership.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Processor conditional processing for logs
Fix #10127
This PR adds conditional processing support for logs in processors. This feature allows processors to conditionally process logs based on field values.
Example configurations
When this configuration runs, the processor only adds the field
modified_if_getto records where the request method is GET:Outputs:
The high_priority_method field was NOT added to the records because our input has "method":"GET" which isn't in the array ["POST", "PUT", "DELETE"] specified
in the first condition.
The requires_performance_check field WAS added with value "true" because the second condition is met:
Added tests
Internal unit tests
tests/internal/processor_conditional.cRuntime shell tests
tests/runtime_shell/processor_conditional.sh