From 7e7bd9838aa9477bf992aabfcfd86e0953fd09b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Crist=C3=B2fol=20Torrens?= Date: Fri, 31 Oct 2025 14:43:05 +0100 Subject: [PATCH 1/7] Add support for most of AWS ELB logs fields. --- .chloggen/main.yaml | 27 ++++ .../awslogsencodingextension/README.md | 68 ++++----- .../unmarshaler/elb-access-log/elb.go | 46 ++++++- .../unmarshaler/elb-access-log/fields.go | 20 ++- .../testdata/alb_al_invalid_syntax.log | 2 +- .../testdata/alb_al_valid_logs.log | 3 +- .../testdata/alb_al_valid_logs_expected.yaml | 129 ++++++++++++++++++ .../unmarshaler/elb-access-log/unmarshaler.go | 51 +++++++ 8 files changed, 303 insertions(+), 43 deletions(-) create mode 100644 .chloggen/main.yaml diff --git a/.chloggen/main.yaml b/.chloggen/main.yaml new file mode 100644 index 0000000000000..f2c7c2b416747 --- /dev/null +++ b/.chloggen/main.yaml @@ -0,0 +1,27 @@ +# Use this changelog template to create an entry for release notes. + +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. receiver/filelog) +component: extension/encoding + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: Add most of the AWS ELB fields to the AWSLogsEncoding. + +# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists. +issues: [43757] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: + +# If your change doesn't affect end users or the exported elements of any package, +# you should instead start your pull request title with [chore] or use the "Skip Changelog" label. +# Optional: The change log or logs in which this entry should be included. +# e.g. '[user]' or '[user, api]' +# Include 'user' if the change is relevant to end users. +# Include 'api' if there is a change to a library API. +# Default: '[user]' +change_logs: [] diff --git a/extension/encoding/awslogsencodingextension/README.md b/extension/encoding/awslogsencodingextension/README.md index 60cd1b9512de9..04ce0d7cdbb82 100644 --- a/extension/encoding/awslogsencodingextension/README.md +++ b/extension/encoding/awslogsencodingextension/README.md @@ -362,38 +362,42 @@ ELB access log record fields are mapped this way in the resulting OpenTelemetry > AWS Fields are according to [documentation](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html). -| **AWS Field** | **OpenTelemetry Field(s)** | -|------------------------------|----------------------------------------------------------------------| -| type | `network.protocol.name` | -| time | Log timestamp | -| elb | `cloud.resource_id` | -| client:port | `client.address`, `client.port` | -| received_bytes | `http.request.size` | -| sent_bytes | `http.response.size` | -| "request" | `url.full`, `http.request.method`, `network.protocol.version` | -| ssl_cipher | `tls.cipher` | -| ssl_protocol | `tls.protocol.version` | -| elb_status_code | `aws.elb.status.code` | -| user_agent | `user_agent.original` | -| domain_name | `url.domain` | -| target:port | _Currently not supported_ | -| request_processing_time | _Currently not supported_ | -| target_processing_time | _Currently not supported_ | -| response_processing_time | _Currently not supported_ | -| target_status_code | _Currently not supported_ | -| target_group_arn | _Currently not supported_ | -| "trace_id" | _Currently not supported_ | -| "chosen_cert_arn" | _Currently not supported_ | -| matched_rule_priority | _Currently not supported_ | -| request_creation_time | _Currently not supported_ | -| "actions_executed" | _Currently not supported_ | -| "redirect_url" | _Currently not supported_ | -| "error_reason" | _Currently not supported_ | -| "target:port_list" | _Currently not supported_ | -| "target_status_code_list" | _Currently not supported_ | -| "classification" | _Currently not supported_ | -| "classification_reason" | _Currently not supported_ | -| conn_trace_id | _Currently not supported_ | +| **AWS Field** | **OpenTelemetry Field(s)** | +|---------------------------|---------------------------------------------------------------| +| type | `network.protocol.name` | +| time | Log timestamp | +| elb | `cloud.resource_id` | +| client:port | `client.address`, `client.port` | +| received_bytes | `http.request.size` | +| sent_bytes | `http.response.size` | +| "request" | `url.full`, `http.request.method`, `network.protocol.version` | +| ssl_cipher | `tls.cipher` | +| ssl_protocol | `tls.protocol.version` | +| elb_status_code | `aws.elb.status.code` | +| user_agent | `user_agent.original` | +| domain_name | `url.domain` | +| target:port | `destination.address`, `destination.port` | +| request_processing_time | `aws.alb.request_processing_time_ms` | +| target_processing_time | `aws.elb.target_processing_time_ms` | +| response_processing_time | `aws.elb.response_processing_time_ms` | +| target_status_code | `aws.elb.backend.status.code` | +| target_group_arn | `aws.elb.target_group_arn` | +| "trace_id" | _Currently not supported_ | +| "chosen_cert_arn" | `aws.elb.chosen_cert_arn` | +| matched_rule_priority | _Currently not supported_ | +| request_creation_time | _Currently not supported_ | +| "actions_executed" | `aws.elb.actions_executed` | +| "redirect_url" | `aws.elb.redirect_url` | +| "error_reason" | `aws.elb.error_reason` | +| "target:port_list" | _Currently not supported_ | +| "target_status_code_list" | _Currently not supported_ | +| "classification" | `aws.elb.classification` | +| "classification_reason" | `aws.elb.classification_reason` | +| conn_trace_id | `aws.elb.connection_trace_id` | +| transformed_host | `aws.elb.transformed_host` | +| transformed_uri | `aws.elb.transformed_uri` | +| request_transform_status | `aws.elb.request_transform_status` | + #### Network Load Balancer (NLB) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go index 2f9db6a9481d5..dd5f499aa2cc4 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go @@ -237,9 +237,9 @@ type ALBAccessLogRecord struct { TargetIPPort string // Target IP:Port or - TargetIP string // Target IP TargetPort int64 // Target port - RequestProcessingTime string // Time taken to process the request in seconds - TargetProcessingTime string // Time taken for the target to process the request in seconds - ResponseProcessingTime string // Time taken to send the response to the client in seconds + RequestProcessingTime int64 // Time taken to process the request in milliseconds + TargetProcessingTime int64 // Time taken for the target to process the request in milliseconds + ResponseProcessingTime int64 // Time taken to send the response to the client in milliseconds ELBStatusCode int64 // Status code from the load balancer TargetStatusCode string // Status code from the target ReceivedBytes int64 // Size of the request in bytes @@ -264,6 +264,10 @@ type ALBAccessLogRecord struct { TargetStatusCodeList string // List of status codes from targets Classification string // Classification of the request ClassificationReason string // Reason for classification + ConnectionTraceID string // The connection traceability ID + TransformedHost string // The transformed host header + TransformedURI string // The URI after it is modified by a URL rewrite transform + RequestTransformStatus string // The status of the rewrite transform } // convertTextToALBAccessLogRecord converts a slice of strings into a ALBAccessLogRecord @@ -279,9 +283,6 @@ func convertTextToALBAccessLogRecord(fields []string) (ALBAccessLogRecord, error Time: fields[1], ELB: fields[2], TargetIPPort: fields[4], - RequestProcessingTime: fields[5], - TargetProcessingTime: fields[6], - ResponseProcessingTime: fields[7], TargetStatusCode: fields[9], UserAgent: fields[13], SSLCipher: fields[14], @@ -299,6 +300,18 @@ func convertTextToALBAccessLogRecord(fields []string) (ALBAccessLogRecord, error TargetStatusCodeList: fields[26], Classification: fields[27], ClassificationReason: fields[28], + ConnectionTraceID: unknownField, + TransformedHost: unknownField, + TransformedURI: unknownField, + RequestTransformStatus: unknownField, + } + if len(fields) >= 30 { + record.ConnectionTraceID = fields[29] + } + if len(fields) >= 33 { + record.TransformedHost = fields[30] + record.TransformedURI = fields[31] + record.RequestTransformStatus = fields[32] } var clientPort string if record.ClientIP, clientPort, err = net.SplitHostPort(fields[3]); err != nil { @@ -328,6 +341,27 @@ func convertTextToALBAccessLogRecord(fields []string) (ALBAccessLogRecord, error if record.SentBytes, err = safeConvertStrToInt(fields[11]); err != nil { return record, fmt.Errorf("could not convert sent bytes to integer: %w", err) } + if fields[5] != unknownField { + rpt, e := safeConvertStrToFloat(fields[5]) + if e != nil { + return record, fmt.Errorf("could not convert response processing time to float: %w", e) + } + record.ResponseProcessingTime = int64(rpt * 1000) + } + if fields[6] != unknownField { + tpt, e := safeConvertStrToFloat(fields[6]) + if e != nil { + return record, fmt.Errorf("could not convert target processing time to float: %w", e) + } + record.TargetProcessingTime = int64(tpt * 1000) + } + if fields[7] != unknownField { + rpt, e := safeConvertStrToFloat(fields[7]) + if e != nil { + return record, fmt.Errorf("could not convert request processing time to float: %w", e) + } + record.RequestProcessingTime = int64(rpt * 1000) + } if record.RequestMethod, record.RequestURI, record.ProtocolName, record.ProtocolVersion, err = parseRequestField(fields[12]); err != nil { return record, fmt.Errorf("could not splits a raw HTTP request line into its components: %w", err) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go index dddfe860f9cf5..a1b8245b1a2da 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go @@ -4,7 +4,21 @@ package elbaccesslogs // import "github.com/open-telemetry/opentelemetry-collector-contrib/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log" const ( - AttributeELBStatusCode = "aws.elb.status.code" // int - AttributeELBBackendStatusCode = "aws.elb.backend.status.code" // int - AttributeTLSListenerResourceID = "aws.elb.tls.listener.resource_id" // string + AttributeELBStatusCode = "aws.elb.status.code" // int + AttributeELBBackendStatusCode = "aws.elb.backend.status.code" // int + AttributeTLSListenerResourceID = "aws.elb.tls.listener.resource_id" // string + AttributeELBRequestProcessingTimeMs = "aws.elb.request_processing_time_ms" // int + AttributeELBResponseProcessingTimeMs = "aws.elb.response_processing_time_ms" // int + AttributeELBTargetProcessingTimeMs = "aws.elb.target_processing_time_ms" // int + AttributeELBTargetGroupARN = "aws.elb.target_group_arn" // string + AttributeELBChosenCertARN = "aws.elb.chosen_cert_arn" // string + AttributeELBActionsExecuted = "aws.elb.actions_executed" // string + AttributeELBRedirectURL = "aws.elb.redirect_url" // string + AttributeELBErrorReason = "aws.elb.error_reason" // string + AttributeELBClassification = "aws.elb.classification" // string + AttributeELBClassificationReason = "aws.elb.classification_reason" // string + AttributeELBConnectionTraceID = "aws.elb.connection_trace_id" // string + AttributeELBTransformedHost = "aws.elb.transformed_host" // string + AttributeELBTransformedURI = "aws.elb.transformed_uri" // string + AttributeELBRequestTransformStatus = "aws.elb.request_transform_status" // string ) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_invalid_syntax.log b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_invalid_syntax.log index e5903531a2b0e..f071f34dfb396 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_invalid_syntax.log +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_invalid_syntax.log @@ -1 +1 @@ -invalid 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 "GET http://www.example.com:80/ HTTP/1.1" "curl/7.46.0" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337262-36d228ad5d99923122bbe354" "-" "-" 0 2018-07-02T22:22:48.364000Z "forward,redirect" "-" "-" "10.0.0.1:80" "200" "-" "-" \ No newline at end of file +invalid 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.000 0.001 0.000 200 200 34 366 "GET http://www.example.com:80/ HTTP/1.1" "curl/7.46.0" - - arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337262-36d228ad5d99923122bbe354" "-" "-" 0 2018-07-02T22:22:48.364000Z "forward,redirect" "-" "-" "10.0.0.1:80" "200" "-" "-" TID_1234abcd5678ef90 "-" "-" "-" \ No newline at end of file diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs.log b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs.log index 95d7beb7b9f47..4f942b4e99010 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs.log +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs.log @@ -1,2 +1,3 @@ https 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.086 0.048 0.037 200 200 0 57 "GET https://www.example.com:443/ HTTP/1.1" "curl/7.46.0" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337281-1d84f3d73c47ec4e58577259" "www.example.com" "arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012" 1 2018-07-02T22:22:48.364000Z "authenticate,forward" "-" "-" "10.0.0.1:80" "200" "-" "-" TID_1234abcd5678ef90 -https 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 [fe80::202:b3ff:fe1e:8329]:443 [2001:db8::1]:80 0.086 0.048 0.037 200 200 0 57 "GET https://www.example.com:443/ HTTP/1.1" "curl/7.46.0" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337281-1d84f3d73c47ec4e58577259" "www.example.com" "arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012" 1 2018-07-02T22:22:48.364000Z "authenticate,forward" "-" "-" "10.0.0.1:80" "200" "-" "-" TID_1234abcd5678ef90 \ No newline at end of file +https 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 [fe80::202:b3ff:fe1e:8329]:443 [2001:db8::1]:80 0.086 0.048 0.037 200 200 0 57 "GET https://www.example.com:443/ HTTP/1.1" "curl/7.46.0" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337281-1d84f3d73c47ec4e58577259" "www.example.com" "arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012" 1 2018-07-02T22:22:48.364000Z "authenticate,forward" "-" "-" "10.0.0.1:80" "200" "-" "-" TID_1234abcd5678ef90 +https 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50dc6c495c0c9188 192.168.131.39:2817 10.0.0.1:80 0.086 0.048 0.037 200 200 0 57 "GET https://www.example.com:443/ HTTP/1.1" "curl/7.46.0" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 "Root=1-58337281-1d84f3d73c47ec4e58577259" "www.example.com" "arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012" 1 2018-07-02T22:22:48.364000Z "authenticate,forward" "-" "-" "10.0.0.1:80" "200" "-" "-" TID_1234abcd5678ef90 "transformed.example.com" "https://transformed.example.com/index.html" "TransformSuccess" diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml index f2c574668e0fc..bef672db538b1 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml @@ -55,6 +55,30 @@ resourceLogs: - key: destination.port value: intValue: "80" + - key: aws.elb.actions_executed + value: + stringValue: "authenticate,forward" + - key: aws.elb.backend.status.code + value: + intValue: "200" + - key: aws.elb.chosen_cert_arn + value: + stringValue: arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012 + - key: aws.elb.connection_trace_id + value: + stringValue: TID_1234abcd5678ef90 + - key: aws.elb.request_processing_time_ms + value: + intValue: "37" + - key: aws.elb.response_processing_time_ms + value: + intValue: "86" + - key: aws.elb.target_processing_time_ms + value: + intValue: "48" + - key: aws.elb.target_group_arn + value: + stringValue: arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 body: {} timeUnixNano: "1530570180186641000" - attributes: @@ -103,8 +127,113 @@ resourceLogs: - key: destination.port value: intValue: "80" + - key: aws.elb.actions_executed + value: + stringValue: "authenticate,forward" + - key: aws.elb.backend.status.code + value: + intValue: "200" + - key: aws.elb.chosen_cert_arn + value: + stringValue: arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012 + - key: aws.elb.connection_trace_id + value: + stringValue: TID_1234abcd5678ef90 + - key: aws.elb.request_processing_time_ms + value: + intValue: "37" + - key: aws.elb.response_processing_time_ms + value: + intValue: "86" + - key: aws.elb.target_processing_time_ms + value: + intValue: "48" + - key: aws.elb.target_group_arn + value: + stringValue: arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 body: {} timeUnixNano: "1530570180186641000" + - attributes: + - key: network.protocol.name + value: + stringValue: https + - key: network.protocol.version + value: + stringValue: "1.1" + - key: client.address + value: + stringValue: 192.168.131.39 + - key: http.request.method + value: + stringValue: GET + - key: url.full + value: + stringValue: https://www.example.com:443/ + - key: client.port + value: + intValue: "2817" + - key: http.request.size + value: + intValue: "0" + - key: http.response.size + value: + intValue: "57" + - key: aws.elb.status.code + value: + intValue: "200" + - key: tls.protocol.version + value: + stringValue: tlsv1.2 + - key: tls.cipher + value: + stringValue: ECDHE-RSA-AES128-GCM-SHA256 + - key: user_agent.original + value: + stringValue: curl/7.46.0 + - key: url.domain + value: + stringValue: www.example.com + - key: destination.address + value: + stringValue: 10.0.0.1 + - key: destination.port + value: + intValue: "80" + - key: aws.elb.actions_executed + value: + stringValue: "authenticate,forward" + - key: aws.elb.backend.status.code + value: + intValue: "200" + - key: aws.elb.chosen_cert_arn + value: + stringValue: arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012 + - key: aws.elb.connection_trace_id + value: + stringValue: TID_1234abcd5678ef90 + - key: aws.elb.request_processing_time_ms + value: + intValue: "37" + - key: aws.elb.response_processing_time_ms + value: + intValue: "86" + - key: aws.elb.target_processing_time_ms + value: + intValue: "48" + - key: aws.elb.target_group_arn + value: + stringValue: arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 + - key: aws.elb.transformed_host + value: + stringValue: transformed.example.com + - key: aws.elb.transformed_uri + value: + stringValue: https://transformed.example.com/index.html + - key: aws.elb.request_transform_status + value: + stringValue: TransformSuccess + body: { } + timeUnixNano: "1530570180186641000" scope: attributes: - key: encoding.format diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go index 8480cdcf29933..c48a673795273 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go @@ -248,6 +248,57 @@ func (f *elbAccessLogUnmarshaler) addToALBAccessLogs(resourceAttr *resourceAttri recordLog.Attributes().PutInt(string(conventions.DestinationPortKey), albRecord.TargetPort) } + // ALB time specific attributes + if albRecord.RequestProcessingTime >= 0 { + recordLog.Attributes().PutInt(AttributeELBRequestProcessingTimeMs, albRecord.RequestProcessingTime) + } + if albRecord.TargetProcessingTime >= 0 { + recordLog.Attributes().PutInt(AttributeELBTargetProcessingTimeMs, albRecord.TargetProcessingTime) + } + if albRecord.ResponseProcessingTime >= 0 { + recordLog.Attributes().PutInt(AttributeELBResponseProcessingTimeMs, albRecord.ResponseProcessingTime) + } + + if albRecord.TargetStatusCode != unknownField { + statusCode, e := safeConvertStrToInt(albRecord.TargetStatusCode) + if e == nil { + recordLog.Attributes().PutInt(AttributeELBBackendStatusCode, statusCode) + } + } + if albRecord.TargetGroupARN != unknownField { + recordLog.Attributes().PutStr(AttributeELBTargetGroupARN, albRecord.TargetGroupARN) + } + if albRecord.ChosenCertARN != unknownField { + recordLog.Attributes().PutStr(AttributeELBChosenCertARN, albRecord.ChosenCertARN) + } + if albRecord.ActionsExecuted != unknownField { + recordLog.Attributes().PutStr(AttributeELBActionsExecuted, albRecord.ActionsExecuted) + } + if albRecord.RedirectURL != unknownField { + recordLog.Attributes().PutStr(AttributeELBRedirectURL, albRecord.RedirectURL) + } + if albRecord.ErrorReason != unknownField { + recordLog.Attributes().PutStr(AttributeELBErrorReason, albRecord.ErrorReason) + } + if albRecord.Classification != unknownField { + recordLog.Attributes().PutStr(AttributeELBClassification, albRecord.Classification) + } + if albRecord.ClassificationReason != unknownField { + recordLog.Attributes().PutStr(AttributeELBClassificationReason, albRecord.ClassificationReason) + } + if albRecord.ConnectionTraceID != unknownField { + recordLog.Attributes().PutStr(AttributeELBConnectionTraceID, albRecord.ConnectionTraceID) + } + if albRecord.TransformedHost != unknownField { + recordLog.Attributes().PutStr(AttributeELBTransformedHost, albRecord.TransformedHost) + } + if albRecord.TransformedURI != unknownField { + recordLog.Attributes().PutStr(AttributeELBTransformedURI, albRecord.TransformedURI) + } + if albRecord.RequestTransformStatus != unknownField { + recordLog.Attributes().PutStr(AttributeELBRequestTransformStatus, albRecord.RequestTransformStatus) + } + // Set timestamp recordLog.SetTimestamp(pcommon.Timestamp(epochNanoseconds)) From b2d85513b01995256aa13e66e0dee27bbfa93993 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Crist=C3=B2fol=20Torrens?= Date: Mon, 3 Nov 2025 14:57:21 +0100 Subject: [PATCH 2/7] Add Amazon trace ID also. --- extension/encoding/awslogsencodingextension/README.md | 2 +- .../internal/unmarshaler/elb-access-log/fields.go | 1 + .../testdata/alb_al_valid_logs_expected.yaml | 9 +++++++++ .../internal/unmarshaler/elb-access-log/unmarshaler.go | 4 +++- 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/extension/encoding/awslogsencodingextension/README.md b/extension/encoding/awslogsencodingextension/README.md index 04ce0d7cdbb82..99cbcbdaccb50 100644 --- a/extension/encoding/awslogsencodingextension/README.md +++ b/extension/encoding/awslogsencodingextension/README.md @@ -382,7 +382,7 @@ ELB access log record fields are mapped this way in the resulting OpenTelemetry | response_processing_time | `aws.elb.response_processing_time_ms` | | target_status_code | `aws.elb.backend.status.code` | | target_group_arn | `aws.elb.target_group_arn` | -| "trace_id" | _Currently not supported_ | +| "trace_id" | `aws.elb.aws_trace_id` | | "chosen_cert_arn" | `aws.elb.chosen_cert_arn` | | matched_rule_priority | _Currently not supported_ | | request_creation_time | _Currently not supported_ | diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go index a1b8245b1a2da..545b751feb745 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go @@ -21,4 +21,5 @@ const ( AttributeELBTransformedHost = "aws.elb.transformed_host" // string AttributeELBTransformedURI = "aws.elb.transformed_uri" // string AttributeELBRequestTransformStatus = "aws.elb.request_transform_status" // string + AttributeELBAWSTraceId = "aws.elb.aws_trace_id" // string ) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml index bef672db538b1..1e6ff6f4c3106 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml @@ -64,6 +64,9 @@ resourceLogs: - key: aws.elb.chosen_cert_arn value: stringValue: arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012 + - key: aws.elb.aws_trace_id + value: + stringValue: Root=1-58337281-1d84f3d73c47ec4e58577259 - key: aws.elb.connection_trace_id value: stringValue: TID_1234abcd5678ef90 @@ -136,6 +139,9 @@ resourceLogs: - key: aws.elb.chosen_cert_arn value: stringValue: arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012 + - key: aws.elb.aws_trace_id + value: + stringValue: Root=1-58337281-1d84f3d73c47ec4e58577259 - key: aws.elb.connection_trace_id value: stringValue: TID_1234abcd5678ef90 @@ -208,6 +214,9 @@ resourceLogs: - key: aws.elb.chosen_cert_arn value: stringValue: arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012 + - key: aws.elb.aws_trace_id + value: + stringValue: Root=1-58337281-1d84f3d73c47ec4e58577259 - key: aws.elb.connection_trace_id value: stringValue: TID_1234abcd5678ef90 diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go index c48a673795273..bc612f4d3a7bf 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go @@ -258,7 +258,9 @@ func (f *elbAccessLogUnmarshaler) addToALBAccessLogs(resourceAttr *resourceAttri if albRecord.ResponseProcessingTime >= 0 { recordLog.Attributes().PutInt(AttributeELBResponseProcessingTimeMs, albRecord.ResponseProcessingTime) } - + if albRecord.TraceID != unknownField { + recordLog.Attributes().PutStr(AttributeELBAWSTraceId, albRecord.TraceID) + } if albRecord.TargetStatusCode != unknownField { statusCode, e := safeConvertStrToInt(albRecord.TargetStatusCode) if e == nil { From 803794cb9ab0be24f99fe33d37976483fa6bc6ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Crist=C3=B2fol=20Torrens?= Date: Mon, 3 Nov 2025 15:45:25 +0100 Subject: [PATCH 3/7] Use slices instead of comma separated string for actions_executed. --- .../testdata/alb_al_valid_logs_expected.yaml | 15 ++++++++++++--- .../unmarshaler/elb-access-log/unmarshaler.go | 8 ++++++-- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml index 1e6ff6f4c3106..847aa3801b371 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml @@ -57,7 +57,10 @@ resourceLogs: intValue: "80" - key: aws.elb.actions_executed value: - stringValue: "authenticate,forward" + arrayValue: + values: + - stringValue: "authenticate" + - stringValue: "forward" - key: aws.elb.backend.status.code value: intValue: "200" @@ -132,7 +135,10 @@ resourceLogs: intValue: "80" - key: aws.elb.actions_executed value: - stringValue: "authenticate,forward" + arrayValue: + values: + - stringValue: "authenticate" + - stringValue: "forward" - key: aws.elb.backend.status.code value: intValue: "200" @@ -207,7 +213,10 @@ resourceLogs: intValue: "80" - key: aws.elb.actions_executed value: - stringValue: "authenticate,forward" + arrayValue: + values: + - stringValue: "authenticate" + - stringValue: "forward" - key: aws.elb.backend.status.code value: intValue: "200" diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go index bc612f4d3a7bf..414d609a72de0 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go @@ -248,7 +248,7 @@ func (f *elbAccessLogUnmarshaler) addToALBAccessLogs(resourceAttr *resourceAttri recordLog.Attributes().PutInt(string(conventions.DestinationPortKey), albRecord.TargetPort) } - // ALB time specific attributes + // Times are expressed in seconds with a precision of 3 decimal places in logs. Here we convert them to milliseconds. if albRecord.RequestProcessingTime >= 0 { recordLog.Attributes().PutInt(AttributeELBRequestProcessingTimeMs, albRecord.RequestProcessingTime) } @@ -258,6 +258,7 @@ func (f *elbAccessLogUnmarshaler) addToALBAccessLogs(resourceAttr *resourceAttri if albRecord.ResponseProcessingTime >= 0 { recordLog.Attributes().PutInt(AttributeELBResponseProcessingTimeMs, albRecord.ResponseProcessingTime) } + if albRecord.TraceID != unknownField { recordLog.Attributes().PutStr(AttributeELBAWSTraceId, albRecord.TraceID) } @@ -274,7 +275,10 @@ func (f *elbAccessLogUnmarshaler) addToALBAccessLogs(resourceAttr *resourceAttri recordLog.Attributes().PutStr(AttributeELBChosenCertARN, albRecord.ChosenCertARN) } if albRecord.ActionsExecuted != unknownField { - recordLog.Attributes().PutStr(AttributeELBActionsExecuted, albRecord.ActionsExecuted) + actions := recordLog.Attributes().PutEmptySlice(AttributeELBActionsExecuted) + for _, action := range strings.Split(albRecord.ActionsExecuted, ",") { + actions.AppendEmpty().SetStr(action) + } } if albRecord.RedirectURL != unknownField { recordLog.Attributes().PutStr(AttributeELBRedirectURL, albRecord.RedirectURL) From 644b8424f14edac1ca423250325d1e78fce270be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Crist=C3=B2fol=20Torrens?= Date: Mon, 3 Nov 2025 16:00:20 +0100 Subject: [PATCH 4/7] Use seconds instead of ms in durations. --- .../unmarshaler/elb-access-log/elb.go | 30 ++++------------ .../unmarshaler/elb-access-log/fields.go | 36 +++++++++---------- .../testdata/alb_al_valid_logs_expected.yaml | 36 +++++++++---------- .../unmarshaler/elb-access-log/unmarshaler.go | 21 +++++++---- 4 files changed, 57 insertions(+), 66 deletions(-) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go index dd5f499aa2cc4..607ca5113c1d8 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/elb.go @@ -237,9 +237,9 @@ type ALBAccessLogRecord struct { TargetIPPort string // Target IP:Port or - TargetIP string // Target IP TargetPort int64 // Target port - RequestProcessingTime int64 // Time taken to process the request in milliseconds - TargetProcessingTime int64 // Time taken for the target to process the request in milliseconds - ResponseProcessingTime int64 // Time taken to send the response to the client in milliseconds + RequestProcessingTime string // Time taken to process the request in milliseconds + TargetProcessingTime string // Time taken for the target to process the request in milliseconds + ResponseProcessingTime string // Time taken to send the response to the client in milliseconds ELBStatusCode int64 // Status code from the load balancer TargetStatusCode string // Status code from the target ReceivedBytes int64 // Size of the request in bytes @@ -283,6 +283,9 @@ func convertTextToALBAccessLogRecord(fields []string) (ALBAccessLogRecord, error Time: fields[1], ELB: fields[2], TargetIPPort: fields[4], + RequestProcessingTime: fields[5], + TargetProcessingTime: fields[6], + ResponseProcessingTime: fields[7], TargetStatusCode: fields[9], UserAgent: fields[13], SSLCipher: fields[14], @@ -341,27 +344,6 @@ func convertTextToALBAccessLogRecord(fields []string) (ALBAccessLogRecord, error if record.SentBytes, err = safeConvertStrToInt(fields[11]); err != nil { return record, fmt.Errorf("could not convert sent bytes to integer: %w", err) } - if fields[5] != unknownField { - rpt, e := safeConvertStrToFloat(fields[5]) - if e != nil { - return record, fmt.Errorf("could not convert response processing time to float: %w", e) - } - record.ResponseProcessingTime = int64(rpt * 1000) - } - if fields[6] != unknownField { - tpt, e := safeConvertStrToFloat(fields[6]) - if e != nil { - return record, fmt.Errorf("could not convert target processing time to float: %w", e) - } - record.TargetProcessingTime = int64(tpt * 1000) - } - if fields[7] != unknownField { - rpt, e := safeConvertStrToFloat(fields[7]) - if e != nil { - return record, fmt.Errorf("could not convert request processing time to float: %w", e) - } - record.RequestProcessingTime = int64(rpt * 1000) - } if record.RequestMethod, record.RequestURI, record.ProtocolName, record.ProtocolVersion, err = parseRequestField(fields[12]); err != nil { return record, fmt.Errorf("could not splits a raw HTTP request line into its components: %w", err) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go index 545b751feb745..41182780a02ca 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go @@ -4,22 +4,22 @@ package elbaccesslogs // import "github.com/open-telemetry/opentelemetry-collector-contrib/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log" const ( - AttributeELBStatusCode = "aws.elb.status.code" // int - AttributeELBBackendStatusCode = "aws.elb.backend.status.code" // int - AttributeTLSListenerResourceID = "aws.elb.tls.listener.resource_id" // string - AttributeELBRequestProcessingTimeMs = "aws.elb.request_processing_time_ms" // int - AttributeELBResponseProcessingTimeMs = "aws.elb.response_processing_time_ms" // int - AttributeELBTargetProcessingTimeMs = "aws.elb.target_processing_time_ms" // int - AttributeELBTargetGroupARN = "aws.elb.target_group_arn" // string - AttributeELBChosenCertARN = "aws.elb.chosen_cert_arn" // string - AttributeELBActionsExecuted = "aws.elb.actions_executed" // string - AttributeELBRedirectURL = "aws.elb.redirect_url" // string - AttributeELBErrorReason = "aws.elb.error_reason" // string - AttributeELBClassification = "aws.elb.classification" // string - AttributeELBClassificationReason = "aws.elb.classification_reason" // string - AttributeELBConnectionTraceID = "aws.elb.connection_trace_id" // string - AttributeELBTransformedHost = "aws.elb.transformed_host" // string - AttributeELBTransformedURI = "aws.elb.transformed_uri" // string - AttributeELBRequestTransformStatus = "aws.elb.request_transform_status" // string - AttributeELBAWSTraceId = "aws.elb.aws_trace_id" // string + AttributeELBStatusCode = "aws.elb.status.code" // int + AttributeELBBackendStatusCode = "aws.elb.backend.status.code" // int + AttributeTLSListenerResourceID = "aws.elb.tls.listener.resource_id" // string + AttributeELBRequestProcessingTime = "aws.elb.request_processing_time" // int + AttributeELBResponseProcessingTime = "aws.elb.response_processing_time" // int + AttributeELBTargetProcessingTime = "aws.elb.target_processing_time" // int + AttributeELBTargetGroupARN = "aws.elb.target_group_arn" // string + AttributeELBChosenCertARN = "aws.elb.chosen_cert_arn" // string + AttributeELBActionsExecuted = "aws.elb.actions_executed" // string + AttributeELBRedirectURL = "aws.elb.redirect_url" // string + AttributeELBErrorReason = "aws.elb.error_reason" // string + AttributeELBClassification = "aws.elb.classification" // string + AttributeELBClassificationReason = "aws.elb.classification_reason" // string + AttributeELBConnectionTraceID = "aws.elb.connection_trace_id" // string + AttributeELBTransformedHost = "aws.elb.transformed_host" // string + AttributeELBTransformedURI = "aws.elb.transformed_uri" // string + AttributeELBRequestTransformStatus = "aws.elb.request_transform_status" // string + AttributeELBAWSTraceId = "aws.elb.aws_trace_id" // string ) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml index 847aa3801b371..b8ac67ae3a86d 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/testdata/alb_al_valid_logs_expected.yaml @@ -73,15 +73,15 @@ resourceLogs: - key: aws.elb.connection_trace_id value: stringValue: TID_1234abcd5678ef90 - - key: aws.elb.request_processing_time_ms + - key: aws.elb.request_processing_time value: - intValue: "37" - - key: aws.elb.response_processing_time_ms + doubleValue: "0.086" + - key: aws.elb.target_processing_time value: - intValue: "86" - - key: aws.elb.target_processing_time_ms + doubleValue: "0.048" + - key: aws.elb.response_processing_time value: - intValue: "48" + doubleValue: "0.037" - key: aws.elb.target_group_arn value: stringValue: arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 @@ -151,15 +151,15 @@ resourceLogs: - key: aws.elb.connection_trace_id value: stringValue: TID_1234abcd5678ef90 - - key: aws.elb.request_processing_time_ms + - key: aws.elb.request_processing_time value: - intValue: "37" - - key: aws.elb.response_processing_time_ms + doubleValue: "0.086" + - key: aws.elb.target_processing_time value: - intValue: "86" - - key: aws.elb.target_processing_time_ms + doubleValue: "0.048" + - key: aws.elb.response_processing_time value: - intValue: "48" + doubleValue: "0.037" - key: aws.elb.target_group_arn value: stringValue: arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 @@ -229,15 +229,15 @@ resourceLogs: - key: aws.elb.connection_trace_id value: stringValue: TID_1234abcd5678ef90 - - key: aws.elb.request_processing_time_ms + - key: aws.elb.request_processing_time value: - intValue: "37" - - key: aws.elb.response_processing_time_ms + doubleValue: "0.086" + - key: aws.elb.target_processing_time value: - intValue: "86" - - key: aws.elb.target_processing_time_ms + doubleValue: "0.048" + - key: aws.elb.response_processing_time value: - intValue: "48" + doubleValue: "0.037" - key: aws.elb.target_group_arn value: stringValue: arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go index 414d609a72de0..4567f3907b0e8 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go @@ -249,14 +249,23 @@ func (f *elbAccessLogUnmarshaler) addToALBAccessLogs(resourceAttr *resourceAttri } // Times are expressed in seconds with a precision of 3 decimal places in logs. Here we convert them to milliseconds. - if albRecord.RequestProcessingTime >= 0 { - recordLog.Attributes().PutInt(AttributeELBRequestProcessingTimeMs, albRecord.RequestProcessingTime) + if albRecord.RequestProcessingTime != unknownField { + rpt, e := safeConvertStrToFloat(albRecord.RequestProcessingTime) + if e == nil { + recordLog.Attributes().PutDouble(AttributeELBRequestProcessingTime, rpt) + } } - if albRecord.TargetProcessingTime >= 0 { - recordLog.Attributes().PutInt(AttributeELBTargetProcessingTimeMs, albRecord.TargetProcessingTime) + if albRecord.TargetProcessingTime != unknownField { + tpt, e := safeConvertStrToFloat(albRecord.TargetProcessingTime) + if e == nil { + recordLog.Attributes().PutDouble(AttributeELBTargetProcessingTime, tpt) + } } - if albRecord.ResponseProcessingTime >= 0 { - recordLog.Attributes().PutInt(AttributeELBResponseProcessingTimeMs, albRecord.ResponseProcessingTime) + if albRecord.ResponseProcessingTime != unknownField { + rpt, e := safeConvertStrToFloat(albRecord.ResponseProcessingTime) + if e == nil { + recordLog.Attributes().PutDouble(AttributeELBResponseProcessingTime, rpt) + } } if albRecord.TraceID != unknownField { From 312ad3d5106b059697d607f530bda44431a4486f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Crist=C3=B2fol=20Torrens?= Date: Mon, 3 Nov 2025 16:02:09 +0100 Subject: [PATCH 5/7] Use seconds instead of ms in durations. --- extension/encoding/awslogsencodingextension/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/extension/encoding/awslogsencodingextension/README.md b/extension/encoding/awslogsencodingextension/README.md index 99cbcbdaccb50..eef8b7d7e3cbe 100644 --- a/extension/encoding/awslogsencodingextension/README.md +++ b/extension/encoding/awslogsencodingextension/README.md @@ -377,9 +377,9 @@ ELB access log record fields are mapped this way in the resulting OpenTelemetry | user_agent | `user_agent.original` | | domain_name | `url.domain` | | target:port | `destination.address`, `destination.port` | -| request_processing_time | `aws.alb.request_processing_time_ms` | -| target_processing_time | `aws.elb.target_processing_time_ms` | -| response_processing_time | `aws.elb.response_processing_time_ms` | +| request_processing_time | `aws.alb.request_processing_time` | +| target_processing_time | `aws.elb.target_processing_time` | +| response_processing_time | `aws.elb.response_processing_time` | | target_status_code | `aws.elb.backend.status.code` | | target_group_arn | `aws.elb.target_group_arn` | | "trace_id" | `aws.elb.aws_trace_id` | From 1866f385e179392f7eae64d3266094aad58574a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Crist=C3=B2fol=20Torrens?= Date: Mon, 3 Nov 2025 16:17:39 +0100 Subject: [PATCH 6/7] Fix constant name. --- .../internal/unmarshaler/elb-access-log/fields.go | 2 +- .../internal/unmarshaler/elb-access-log/unmarshaler.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go index 41182780a02ca..53f5808583d00 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go @@ -21,5 +21,5 @@ const ( AttributeELBTransformedHost = "aws.elb.transformed_host" // string AttributeELBTransformedURI = "aws.elb.transformed_uri" // string AttributeELBRequestTransformStatus = "aws.elb.request_transform_status" // string - AttributeELBAWSTraceId = "aws.elb.aws_trace_id" // string + AttributeELBAWSTraceID = "aws.elb.aws_trace_id" // string ) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go index 4567f3907b0e8..d4958a6acd8c3 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/unmarshaler.go @@ -269,7 +269,7 @@ func (f *elbAccessLogUnmarshaler) addToALBAccessLogs(resourceAttr *resourceAttri } if albRecord.TraceID != unknownField { - recordLog.Attributes().PutStr(AttributeELBAWSTraceId, albRecord.TraceID) + recordLog.Attributes().PutStr(AttributeELBAWSTraceID, albRecord.TraceID) } if albRecord.TargetStatusCode != unknownField { statusCode, e := safeConvertStrToInt(albRecord.TargetStatusCode) From 4514edec42fb13e50fbaad51cf27ad02eee9b484 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Crist=C3=B2fol=20Torrens?= Date: Mon, 3 Nov 2025 16:26:50 +0100 Subject: [PATCH 7/7] Fix README. --- .../internal/unmarshaler/elb-access-log/fields.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go index 53f5808583d00..de1ebfe6b977d 100644 --- a/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go +++ b/extension/encoding/awslogsencodingextension/internal/unmarshaler/elb-access-log/fields.go @@ -7,9 +7,9 @@ const ( AttributeELBStatusCode = "aws.elb.status.code" // int AttributeELBBackendStatusCode = "aws.elb.backend.status.code" // int AttributeTLSListenerResourceID = "aws.elb.tls.listener.resource_id" // string - AttributeELBRequestProcessingTime = "aws.elb.request_processing_time" // int - AttributeELBResponseProcessingTime = "aws.elb.response_processing_time" // int - AttributeELBTargetProcessingTime = "aws.elb.target_processing_time" // int + AttributeELBRequestProcessingTime = "aws.elb.request_processing_time" // float + AttributeELBResponseProcessingTime = "aws.elb.response_processing_time" // float + AttributeELBTargetProcessingTime = "aws.elb.target_processing_time" // float AttributeELBTargetGroupARN = "aws.elb.target_group_arn" // string AttributeELBChosenCertARN = "aws.elb.chosen_cert_arn" // string AttributeELBActionsExecuted = "aws.elb.actions_executed" // string