0

我正在使用 Amazon Kinesis 代理来跟踪我的 nginx Web 访问日志,以便将访问日志推送到 Kinesis - 最终在 Kinesis Analytics 中使用。

代理正在运行并跟踪我的访问日志,然后将记录推送到 Kinesis。我可以看到到达 Kinesis 的记录,因此连接良好。

我遇到的问题与格式化程序选项有关 - 特别是关于“ LOGTOJSON ”。

以下是 的内容/etc/aws-kinesis/agent.json

{
  "cloudwatch.emitMetrics": false,
  "kinesis.endpoint": "kinesis.eu-west-1.amazonaws.com",

  "flows": [
    {
      "filePattern": "/var/log/nginx/proxy-access*",
      "kinesisStream": "removed-xxx",
      "partitionKeyOption": "RANDOM",
      "dataProcessingOptions": {
        "optionName": "LOGTOJSON",
        "logFormat": "COMBINEDAPACHELOG"
    }
  ]
}

这是我用来以 apache 组合日志格式输出日志的 nginx 配置部分:

log_format combined_apache '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
access_log logs/proxy-access.log combined_apache;

以下是 nginx 访问日志的几行输出:

172.17.0.1 - - [09/Sep/2016:11:04:27 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
172.17.0.1 - - [09/Sep/2016:11:04:27 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
172.17.0.1 - - [09/Sep/2016:11:04:27 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
172.17.0.1 - - [09/Sep/2016:11:04:27 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"

这是 Kinesis 代理的输出。您可以看到记录正在“解析”但没有“转换”。

2016-09-09 11:03:20.574+0000 18b332249e3f (Agent.MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.Agent [INFO] Agent: Progress: 0 records parsed (0 bytes), and 0 records sent successfully to destinations. Uptime: 60041ms
2016-09-09 11:03:20.574+0000 18b332249e3f (FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*].MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.tailing.FileTailer [INFO] FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*]: Tailer Progress: Tailer has parsed 0 records (0 bytes), transformed 0 records, skipped 0 records, and has successfully sent 0 records to destination.
2016-09-09 11:03:50.572+0000 18b332249e3f (FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*].MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.tailing.FileTailer [INFO] FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*]: Tailer Progress: Tailer has parsed 0 records (0 bytes), transformed 0 records, skipped 0 records, and has successfully sent 0 records to destination.
2016-09-09 11:03:50.572+0000 18b332249e3f (Agent.MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.Agent [INFO] Agent: Progress: 0 records parsed (0 bytes), and 0 records sent successfully to destinations. Uptime: 90038ms
2016-09-09 11:04:20.572+0000 18b332249e3f (FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*].MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.tailing.FileTailer [INFO] FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*]: Tailer Progress: Tailer has parsed 398 records (36218 bytes), transformed 0 records, skipped 0 records, and has successfully sent 0 records to destination.
2016-09-09 11:04:20.572+0000 18b332249e3f (Agent.MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.Agent [INFO] Agent: Progress: 398 records parsed (36218 bytes), and 0 records sent successfully to destinations. Uptime: 120038ms
2016-09-09 11:04:50.572+0000 18b332249e3f (FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*].MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.tailing.FileTailer [INFO] FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*]: Tailer Progress: Tailer has parsed 533 records (48503 bytes), transformed 0 records, skipped 0 records, and has successfully sent 500 records to destination.
2016-09-09 11:04:50.572+0000 18b332249e3f (Agent.MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.Agent [INFO] Agent: Progress: 533 records parsed (48503 bytes), and 500 records sent successfully to destinations. Uptime: 150038ms
2016-09-09 11:05:20.571+0000 18b332249e3f (FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*].MetricsEmitter RUNNING) com.amazon.kinesis.streaming.agent.tailing.FileTailer [INFO] FileTailer[kinesis:centurion-weblogs:/var/log/nginx/proxy-access*]: Tailer Progress: Tailer has parsed 533 records (48503 bytes), transformed 0 records, skipped 0 records, and has successfully sent 500 records to destination.

Kinesis Analytics 将传入数据检测为 CSV 流而不是 JSON 流。当我在 AWS 控制台中查看原始流内容时,它看起来像这样:

172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:58 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:59 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"
,172.17.0.1 - - [09/Sep/2016:11:03:59 +0000] "GET / HTTP/1.0" 302 337 "-" "ApacheBench/2.3"

所以看起来代理正在发送每条记录而没有任何类型的转换,并用逗号分隔每一行。

我看不出我在哪里出错了。nginx 访问日志看起来是以正确的格式编写的,但 Kinesis 代理不会将其转换为 JSON - 原因不明。

任何指针将不胜感激。

4

1 回答 1

2

我不知道你是否已经解决了这个问题,但dataProcessingOptions期待一个数组(http://docs.aws.amazon.com/firehose/latest/dev/writing-with-agents.html

例子:

"dataProcessingOptions": [
        {
           other configs, etc
        }
]
于 2016-12-21T18:14:21.627 回答