Docs for parsing GitLab's non-json logs
Want to help? Co-assign yourself and ping me!
Problem:
It is difficult to parse large GitLab log files used in troubleshooting or understanding self-managed GitLab behavior.
Proposal:
Create a resource with tips on parsing logs (and log archives) within the GitLab log system to help troubleshoot problems, locate errors, and minimize false positives.
This content would go on this page and build upon what we have there. I expect there will be a lot of overlap in the real-world examples (especially (z)grep + jq).
A resource that folks can use to learn helpful tools that are not jq
to parse unstructured logs and things that aren't json (eg. nginx logs, production.log, job traces, kubesos & gitlabsos archives).
Why?
Provide Support team, customers, and self-managed GitLab users with guidance on how to find information often helpful for troubleshooting and Support in the GitLab log system.
What?
Content might include examples of how to parse log data using ubiquitous command-line utilities:
Results
I think a list of links about the tools, and 1-2 real-world use cases for each command would be a sufficient MVC.
The expected results are to create a resource that the Support team uses to boost efficiency and effectiveness when parsing large plaintext log data.
This resource could also inform customers and users on how they can do this themselves to self-serve Support, diagnose problems, or more easily share most actionable/relevant details in Support tickets.
Results would mostly be long-term. The more the resource is used internally and by others, and iterated upon, the greater the results.
The cost is maintenance: if this is not used or iterated upon, or if most logs change the default format to JSON, the resource could become irrelevant and unhelpful.
Counterpart to #1670 (closed)