I want to read the Telegraf logs and store them in influxdb

aceankit99 · October 6, 2022, 1:35pm

Hello Everyone,

I want to read the Telegraf logs and store them in influxdb to monitor the metrics write errors and other errors. (context deadline, flush interval warning, etc). I am currently using tail and grok to achieve this but it’s still not working. Kindly help me with this.

logs format:-

2022-10-06T13:20:20Z D! [inputs.disk] [SystemPS] => kept…
2022-10-06T13:20:20Z D! [inputs.disk] [SystemPS] → using mountpoint “F:”…
2022-10-06T13:20:20Z D! [inputs.disk] [SystemPS] => kept…
2022-10-06T13:20:25Z D! [outputs.influxdb_v2] Wrote batch of 467 metrics in 190.4682ms
2022-10-06T13:20:25Z D! [outputs.influxdb_v2] Buffer fullness: 0 / 10000 metrics

tail configuration:-

[[inputs.tail]]
files = [“C:/Users/acean/Desktop/abc.txt”]
from_beginning = false
pipe = false
data_format = “grok”
grok_patterns = [“%{DATA}”]

Giovanni_Luisotto · October 6, 2022, 3:57pm

I’m using the following:

[[inputs.tail]]
  files = ['__LogFilePath__']
  character_encoding = 'utf-8'
  data_format = 'grok'
  path_tag = ''
  grok_patterns = ["%{TIMESTAMP_ISO8601:time:ts-rfc3339} %{WORD:level:tag}! %{GREEDYDATA:message}"]
  grok_timezone = "UTC"
  name_override = '__MeasurementName__'
  watch_method = 'poll'

aceankit99 · October 7, 2022, 8:54am

Thanks, @Giovanni_Luisotto.It’s working now.

aceankit99 · October 7, 2022, 9:05am

@Giovanni_Luisotto just a small question, is it possible to tail only the errors and warnings? we can use the quiet option in conf file, but is it possible without that?

Giovanni_Luisotto · October 7, 2022, 10:13am

yeah, just adding


[[inputs.tail]]
  files = ['__LogFilePath__']
  character_encoding = 'utf-8'
  data_format = 'grok'
  path_tag = ''
  grok_patterns = ["%{TIMESTAMP_ISO8601:time:ts-rfc3339} %{WORD:level:tag}! %{GREEDYDATA:message}"]
  grok_timezone = "UTC"
  name_override = '__MeasurementName__'
  watch_method = 'poll'
  [inputs.tail.tagpass]
    level = [ "_ValueToKeep1_", "_ValueToKeep2_" ]

Note: I don’t remember the actual values to be filter ERR/WARN/whatever… also I’m not sure if the values are case-seisitive or not

aceankit99 · October 7, 2022, 11:49am

Thanks a lot @Giovanni_Luisotto

final conf-

[[inputs.tail]]
files = [‘C:/Users/acean/Desktop/logs/test.log’]
character_encoding = ‘utf-8’
data_format = ‘grok’
path_tag = ‘’
grok_patterns = [“%{TIMESTAMP_ISO8601:time:ts-rfc3339} %{WORD:level:tag}! %{GREEDYDATA:message}”]
#grok_timezone = “UTC”
name_override = ‘telegraf_logs’
watch_method = ‘poll’

[inputs.tail.tagpass]
level = [ “W”, “E” ]

Topic		Replies	Views
Telegraf tail-plugin with grok: no data written to influxdb Telegraf influxdb , grok , tail	4	751	November 17, 2022
Telegraf input tail influx InfluxDB 2	3	1170	May 18, 2020
Hard time getting telegraf logparser automatically detect file change influxdb , telegraf , influxdata	2	2804	April 2, 2019
Possibility to store the data into influxDB through telegraf based on condition like if timestamp and level is same we need to restrict storing into InfluxDB Telegraf telegraf	3	475	July 8, 2019
[[inputs.tail]] no log	2	1129	March 16, 2021

I want to read the Telegraf logs and store them in influxdb

Related topics