Hello!
I have APM Server with default config and all is working fine. Now I want to split ES indices from APM by project or hostname ore something else and get a problem. I am using this part of config for this:
`
index: "apm-%{[observer.version]}-ident-%{+yyyy.MM.dd}"
...
- index: "apm-%{[observer.version]}-span-%{[source.ip]}-int-%{+yyyy.MM.dd}"
`
And my issues is - all "variables", like a %{[source.ip]} is empty for me
I tried at least all variables from this list - https://www.elastic.co/guide/en/apm/server/master/exported-fields-apm.html#_process
but all of them are empty (or not defined).
How I turn on them? Or maybe there is some other way to get hostname or application name from receiving data to add it to indice name?
axw
August 14, 2020, 1:56am
2
Not all fields are set for all events. Specifically, source.ip is only set for some transaction docs - and no spans at all, currently.
How I turn on them? Or maybe there is some other way to get hostname or application name from receiving data to add it to indice name?
You can use host.name for the hostname of the instrumented service, or service.name for the service name.
1 Like
TheVintik
August 14, 2020, 10:58am
3
@axw should I use it like:
index: "apm-%{[observer.version]}-ident-%{+yyyy.MM.dd}"
indices:
- index: "apm-%{[observer.version]}-sourcemap"
when.contains:
processor.event: "sourcemap"
- index: "apm-%{[observer.version]}-error-%{[host.name]}-%{[service.name]}-%{+yyyy.MM.dd}"
when.contains:
processor.event: "error"
- index: "apm-%{[observer.version]}-%{[host.name]}-%{[service.name]}-transaction-%{+yyyy.MM.dd}"
when.contains:
processor.event: "transaction"
- index: "apm-%{[observer.version]}-span-%{[host.name]}-%{[service.name]}-int-%{+yyyy.MM.dd}"
when.contains:
processor.event: "span"
- index: "apm-%{[observer.version]}-metric-%{[host.name]}-%{[service.name]}-%{+yyyy.MM.dd}"
when.contains:
processor.event: "metric"
- index: "apm-%{[observer.version]}-onboarding-%{[host.name]}-%{[service.name]}-%{+yyyy.MM.dd}"
when.contains:
processor.event: "onboarding"
?
If so - it does not work
I have indexes with names like apm-7.6.1-transaction-2020.08.12 - so, looks like host.name and service.name are blank too for me
axw
August 17, 2020, 2:03am
4
@TheVintik that looks right, except for the onboarding one: those docs do not have a service.name. Can you please share your complete apm-server.yml config? (With any passwords redacted of course.)
jalvz
August 17, 2020, 11:29am
5
Hello,
Additionally to what @axw asked, might I ask what agent are you using (language and version)?
TheVintik
August 17, 2020, 12:06pm
6
@axw I am using Ruby on Rails application with elastic-apm (latest version). There is no any additional settings from Rails side except secret key to send data to APM.
TheVintik
August 17, 2020, 12:42pm
7
@axw
Here is my config:
[centos@XXX ~]$ sudo cat /etc/apm-server/apm-server.yml | grep -v '#'
apm-server:
host: "XXXX:8200"
secret_token: XXXXX
kibana:
enabled: true
host: "XXXXX:5601"
protocol: "https"
setup.template.name: "apm-%{[observer.version]}-custom"
setup.template.pattern: "apm-%{[observer.version]}-*"
setup.template.overwrite: true
output.elasticsearch:
hosts: ["XXXX:9200"]
enabled: true
index: "apm-%{[observer.version]}-ident-%{+yyyy.MM.dd}"
indices:
- index: "apm-%{[observer.version]}-sourcemap"
when.contains:
processor.event: "sourcemap"
- index: "apm-%{[observer.version]}-error-%{[host.name]}-%{[service.name]}-%{+yyyy.MM.dd}"
when.contains:
processor.event: "error"
- index: "apm-%{[observer.version]}-%{[host.name]}-%{[service.name]}-transaction-%{+yyyy.MM.dd}"
when.contains:
processor.event: "transaction"
- index: "apm-%{[observer.version]}-span-%{[host.name]}-%{[service.name]}-int-%{+yyyy.MM.dd}"
when.contains:
processor.event: "span"
- index: "apm-%{[observer.version]}-metric-%{[host.name]}-%{[service.name]}-%{+yyyy.MM.dd}"
when.contains:
processor.event: "metric"
- index: "apm-%{[observer.version]}-onboarding-%{[host.name]}-%{[service.name]}-%{+yyyy.MM.dd}"
when.contains:
processor.event: "onboarding"
TheVintik
August 17, 2020, 12:55pm
8
that looks right, except for the onboarding one: those docs do not have a service.name .
The main goal for me - I need to split indices with APM metric data, and, as I know - they are located in span indexes (these indexes most huge as I can see)
axw
August 18, 2020, 1:27am
9
The config looks fine. I copy & pasted it, and it worked when I ran it in Docker, placing the config file in /usr/share/apm-server.
GET /_cat/indices/apm-*
yellow open apm-7.6.1-goat-foo-transaction-2020.08.18 sMqPHbvDRY2PLKk2oRyAbA 1 1 1 0 230b 230b
(my host.name is "goat", and service.name is "foo")
Can you please share the apm-server log?
TheVintik
August 18, 2020, 8:24am
10
@axw looks like something was wrong with my stack of ES + Kibana + APM, because after reinstall all of this - I get necessary indices splitted by project, so, the config is really correct.
Thank you for your help!
1 Like
axw
August 19, 2020, 2:30am
11
Great, glad to hear you sorted it out!
system
September 8, 2020, 10:30pm
12
This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.
