Reputation: 90
Azure adds timestamp at the beginning logs
I have a problem with the logs retrieving from my docker containers with Azure log analytics, all logs are retrieving well but Azure adds a date at the beginning of each line of the log, which means that an entry is created for each line and I can't analyze my logs correctly because they are divided...
For example on this image I have in the black rectangle an added date (by azure I think) and in the red rectangle the date appearing in my logs :
Also, if there is no date on a line of my logs, there is still an added date on all lines, even the empty ones
The problem is that azure cuts my log file line by line by adding a date on each line when I would like it to delimit with the dates already present in my logs files.
Do you have any solutions?
Upvotes: 0
Views: 725
Answers (2)
Reputation: 90
Currently Azure Monitor for containers doesn’t support multi-line logging, but there are workarounds available. You can configure all the services to write in JSON format and then Docker/Moby will write them as a single line.
Upvotes: 0
Reputation: 29985
One of the solution I can think of is that, when you query the logs, you can use the replace() method to replace the redundant date(replace it with a empty string etc.). And you need to write the proper regular expression for your purpose.
A false query like below:
ContainerLog
| extend new_logEntry=replace(@'xxx', @'xxx', LogEntry)
Upvotes: 2
Related Questions
- Set timestamp of container to apply in docker logs
- TimeGenerated field not taking provided date
- Azure Container Instance Custom Log in Log Analytics Workspace
- Getting logs for Azure Container Instance that freezes
- Azure Logs does not have all data
- How to convert datetime format on Azure Logs Query
- Two timestamps in dockerlogs
- Microsoft BotFramework Transcript Logging Timestamp Format
- Getting on-prem Docker logs to Azure log analytics
- Adding Where condition on Timestamp yields odd aggregated results