Merge "Improve grok pattern matching for apache logs"

8e302cc4 · Zuul · Gerrit Code Review · 66853f86 · 63213c0e · 8e302cc4
Commit 8e302cc4 authored 1 year ago by Zuul Committed by Gerrit Code Review 1 year ago
--- a/ansible/roles/common/templates/conf/format/apache_access.conf.j2
+++ b/ansible/roles/common/templates/conf/format/apache_access.conf.j2
@@ -4,7 +4,7 @@
  key_name Payload
  <parse>
    @type grok
-    grok_pattern \[%{HTTPDATE:Timestamp}\] "(?:%{WORD:http_method} %{NOTSPACE:http_url}(?: HTTP/%{NUMBER:http_version})?|%{DATA:rawrequest})" %{NUMBER:http_status} (?:\d+|-)
+    grok_pattern \[%{HTTPDATE:Timestamp}\] "(?:%{WORD:http_method} %{NOTSPACE:http_url}(?: HTTP/%{NUMBER:http_version})?|%{DATA:rawrequest})" %{NUMBER:http_status} (?:%{NUMBER:http_bytes}|-) (?:%{NUMBER:http_response_time_us}|-) "%{DATA:referrer}" "%{DATA:agent}"
    time_key Timestamp
    time_format %d/%b/%Y:%H:%M:%S %z
    keep_time_key true

--- a/releasenotes/notes/improve-apache-grok-pattern-47b0bcd90f464d60.yaml
+++ b/releasenotes/notes/improve-apache-grok-pattern-47b0bcd90f464d60.yaml
+---
+features:
+  - |
+    Updates apache grok pattern to match the size of response in bytes,
+    time taken to serve the request and user agent.