Since updating to

0.18.1

I have noticed that log queries are no longer working, with fields that are definitely present. For example

k8s_namespace_name IN ('name-that-exists')

does not work anymore. See attached captures.

Are you sure there are cert-manager logs in the selected time range?

Yes 100% certain, I extended the range to 1 week. I used cert-manager as an example, but filtering by k8s_namespace_name simply is not working for any namespace at all. As an example using a specific log entry with

id '2OZrlPONFe1F2RDNZoX2meXseev'

that has the following fields:

k8s_namespace_name ('cert-manager')

k8s_node_name ('00000a')

k8s_pod_name ('cert-manager-9997bf6c9-5t98x')

Filter

k8s_namespace_name ('cert-manager')

does NOT work. Filter

id IN ('2OZrlPONFe1F2RDNZoX2meXseev')

works! Filter

id IN ('2OZrlPONFe1F2RDNZoX2meXseev') AND k8s_namespace_name IN ('cert-manager')

does NOT work. Filter

k8s_node_name ('00000a')

works! Filter

k8s_node_name ('00000a') AND k8s_namespace_name IN ('cert-manager')

does NOT work. Filter

k8s_pod_name ('cert-manager-9997bf6c9-5t98x')

works! Filter

k8s_pod_name ('cert-manager-9997bf6c9-5t98x')  AND k8s_namespace_name IN ('cert-manager')

does NOT work. @Srikanth Chekuri Thanks for the response.

@Nityananda Gohain would be the best person to answer this.

Hi @Nityananda Gohain and @Srikanth Chekuri sorry to push on this, but It seems that log filter is currently broken for resources_string, because the signoz_logs.distributed_logs query should be:

WHERE resources_string['key'] IN ('value')