Is there any possibility to filter out APM data (errors, specific urls, ...), so that apm-server does not index them to elasticsearch?
Or is the only way to set the apm-server output to logstash and drop unwanted data in logstash?
This is doable but I think this is a huge performance overhead, so directly filtering in apm-server would be prefered if possible
In the Java agent you can use the ignore_exceptions and the transaction_ignore_urls config options to achieve that.
Otherwise, you can use Ingest pipelines with a drop processor for that.
I hope this helps.
Thanks @Eyal_Koren ... Didn't know this options, but this may do it.
I've tested ignore_exceptions and this works fine, but have a question about "transaction_ignore_urls"
I've set this:
transaction_ignore_urls=/internal/state/health,/devops/alive
But e.g. http://127.0.0.1/devops/alive is still instrumented.
Do I have here any misconfiguration?
If you are matching against exactly http://127.0.0.1/devops/alive, then your configuration should work. If this is not the exact and full URL, then use a wildcard at the end of the pattern.
Otherwise, please provide your exact configurations, a debug log and the full URL that should being matched and doesn't, maybe we can find why.
url.full=http://127.0.0.1/devops/alive
in my elasticapm.properties i have set:
transaction_ignore_urls=http://127.0.0.1/devops/alive
But still find entries in my apm-indices with this url.
We have set the following configuration - parameters:
You formerly reported you tried transaction_ignore_urls=/devops/alive - did that not work as well?
Some trial and error can be useful, for example:
transaction_ignore_urls=*devops/alive*transaction_ignore_urls=*devops*etc
Also, set log_level to debug and make sure your configuration is picked up as expected.
The "transaction_ignore_urls" is not picked up regarding DEBUG-log, i see all my parameters from config-file, but transaction_ignore_urls seems to be "ignored" ...
When setting this in Kibana with central configuration, I see in the logs "WARN co.elastic.apm.agent.configuration.ApmServerConfigurationSource - Received unknown remote configuration key transaction_ignore_urls"
Do you have any idea why his happens?
@Eyal_Koren seems like this is caused by an old version of elastic-apm-agent. I will update to newest version and then this ignore_urls should work.
Thanks for all your feedback and help
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.