This message was deleted.

hello everyone, i receive log entries via fluent bit for cpu, mem, and other application logs. i'm having a hard time to understand how to visualize and aggregate these. for example, i have log entries like this:

{
  "body": "{\"cpu0.p_cpu\":0.5,\"cpu0.p_system\":0,\"cpu0.p_user\":0.5,\"cpu1.p_cpu\":0.5,\"cpu1.p_system\":0.1,\"cpu1.p_user\":0.4,\"cpu_p\":0.55,\"environment\":\"production\",\"hostname\":\"cf-production-app-02\",\"system_p\":0.05,\"user_p\":0.5}",
  "id": "2nsj5xS7GmYAZ0LzWrZ582QWqbQ",
  "timestamp": "2024-10-24T11:14:57.298656942Z",
  "attributes": {},
  "resources": {},
  "severity_text": "",
  "severity_number": 0,
  "span_id": "",
  "trace_flags": 0,
  "trace_id": ""
}

how can i, say, create a simple "value" panel that shows me the average for

system_p

over the selected time period? the problem is that i cannot use

Avg

in the query builder with a sub-field of body it seems. i cannot set

Avg

-

body.system_p

. i get a 500. only thing i have managed is displaying the amount of log entries, but nothing about the content of an entry. i'm using self-hosted signoz and ingest logs via the otel-collector on port 4318. i'm very thankful for a hint! 🙂

Hi guys - I work for MSFT in Azure Kubernetes Team and I am working on a POC using Singnoz. I tested it yesterday and I love it but I am having issues getting logs from another log file, I changed the name, file type like .log json in my deployment but signoz is not refreshing the file.name or logs. It is still showing logs from old file somehow.

receivers:

filelog:

include: [ /var/log/audit/aks.log ]

start_at: end

operators:

- type: json_parser

service:

pipelines:

logs:

receivers: [otlp, filelog, httplogreceiver/heroku, httplogreceiver/json]

processors: [batch]

exporters: [clickhouselogsexporter]

extraVolumeMounts:

- mountPath: /var/log/audit/audit.log

name: audit-log

- mountPath: /var/log/audit/aks.log

name: aks-log

- mountPath: /mnt/blob

name: blob-log

extraVolumes:

- hostPath:

path: /var/log/audit/audit.log

type: FileOrCreate

name: audit-log

- hostPath:

path: /var/log/audit/aks.log

type: FileOrCreate

name: aks-log

- name: blob-log

persistentVolumeClaim:

claimName: pvc-blob-fuse

See I am trying to search for newlog file name but it's still shows old file name. No result on file aks.log which I have configured above. I can see the file in the pod

Pod: default/signoz-otel-collector-8cc98f667-b9grm | Container: signoz-otel-collector

~ $ ls /var/log/audit/

aks.log    audit.log

cat conf/otel-collector-config.yaml

receivers:
  filelog:
    include:
    - /var/log/audit/aks.log
    operators:
    - type: json_parser
    start_at: end

This message was deleted.

This message was deleted.

for log pipelines, why do grok capture groups need to have a

p

before them? e.g.

%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME} %{LOGLEVEL:level} %{NUMBER} --- \[.*\] (?P<method>.*) :

works, but

%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME} %{LOGLEVEL:level} %{NUMBER} --- \[.*\] (?<method>.*) :

doesn't. Grok debugger only accepts the second syntax, so I'm curious why the first syntax is used in Signoz.

hi i am trying to send logs from backend applications server to signoz server and i have opened port as per documentation 1.otel-collector: image: signoz/signoz-otel-collector:latest command: ["--config=/etc/otel-collector-config.yaml"] ports: - "2255:2255" and i have opened port in security group of ec2 instance after this i have restarted the container and restarted server too. 2. docker run --net=host --rm --name="logspout" \ --volume=/var/run/docker.sock:/var/run/docker.sock \ gliderlabs/logspout \ syslog+tcp://10.11.217.237:2255 when i am running this command in backend application server i am getting this error 3. 2024/03/19 120210 # logspout v3.2.14 by gliderlabs 2024/03/19 120210 # adapters: udp multiline raw syslog tcp tls 2024/03/19 120210 # options : 2024/03/19 120210 persist:/mnt/routes 2024/03/19 120210 !! dial tcp 10.11.217.2372255 connect: connection refused can i get any help over here thanks in advance

This message was deleted.

This message was deleted.

Hi Team, After upgrading from 0.77.0 to 0.78.1, signoz-0 would not start up.

{"level":"fatal","timestamp":"2025-04-11T18:40:54.547Z","caller":"query-service/main.go:108","msg":"Failed to create signoz","error":"FOREIGN KEY constraint failed","stacktrace":"main.main\n\t/home/runner/work/signoz/signoz/ee/query-service/main.go:108\nruntime.main\n\t/opt/hostedtoolcache/go/1.22.12/x64/src/runtime/proc.go:271"}

We rolled back to 0.77.0, but alerting is no longer working. If I open an Alert error dialogs pop up. If I visit '/settings/channels' the text 'Something went wrong' is displayed.

"level":"ERROR","code":{"function":"<http://github.com/SigNoz/signoz/pkg/alertmanager.(*Service).SyncServers|github.com/SigNoz/signoz/pkg/alertmanager.(*Service).SyncServers>","file":"/home/runner/work/signoz/signoz/pkg/alertmanager/service.go","line":56},"msg":"failed to get alertmanager config for org","logger":"<http://github.com/SigNoz/signoz/pkg/alertmanager/signozalertmanager|github.com/SigNoz/signoz/pkg/alertmanager/signozalertmanager>","orgID":"blah-blah-blah-blah-blah","error":"sql: Scan error on column index 0, name \"id\": strconv.ParseUint: parsing \"blah-blah-blah-blah-blah\": invalid syntax"}