Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Aggregated index namespace matching main indices #11768

Open
b2ronn opened this issue Oct 4, 2023 · 3 comments
Open

Aggregated index namespace matching main indices #11768

b2ronn opened this issue Oct 4, 2023 · 3 comments
Labels
enhancement

Comments

@b2ronn
Copy link

b2ronn commented Oct 4, 2023

Elasticsearch/Kibana/Fleet/Apm - 8.10.2.

Issue Description:
I am using the reroute processor to change namespaces according to the "labels.project" label. However, aggregated indices remain in the default namespace.

Feature Request:
I propose either considering this behavior as a potential bug or adding a feature that allows for the automatic relocation of aggregated indices to the same namespaces as their corresponding main indices when using the reroute processor. This enhancement would streamline the management of indices and improve overall data organization within the Elasticsearch ecosystem.
@axw
Copy link
Member

axw commented Oct 5, 2023

@b2ronn is the "project" label configured as a global label? If so, then that field should also be available in aggregated metric documents, and you can add a reroute processor to the ingest pipeline for the metrics data streams too.

I agree that it would ideally be automatically synchronised. The problem is that the metrics are pre-aggregated by APM Server rather than Elasticsearch, and Elasticsearch handles the rerouting. We're thinking about how to generalise pre-aggregation, potentially moving it to Elasticsearch in the future, and will keep this in mind.

@b2ronn
Copy link
Author

b2ronn commented Oct 5, 2023
edited

I forgot to clarify, "labels.project" it is global labels for APM RUM, and global labels are not present in aggregated metrics (the last version of the APM server, where global labels were in aggregated indexes, was 8.7.0)

@b2ronn b2ronn mentioned this issue Oct 5, 2023
Open
@axw
Copy link
Member

axw commented May 6, 2024

For a long term solution, we will need to have a way to configure which labels should be included as dimensions in aggregated metrics. Then you would configure APM Server to say the "project" label should be a dimension, and it would be available in the metrics documents for routing.

Until then, one workaround would be to encode the project name in the service name, and then remove it in an ingest pipeline for all traces, metrics, and logs data streams. For example, if you set the service name to service-project, then you could use a dissect ingest processor to update service.name to "service" and set labels.project to "project" like this:

{
    "dissect": {
      "field": "service.name",
      "pattern": "%{service.name}-%{labels.project}",
      "ignore_missing": true,
      "ignore_failure": true
    }
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@axw @b2ronn