Chang logLevel of worker to WARNING
polarG opened this issue · comments
Currently the default logLevel of worker is INFO. And log sending and parsing occupied too much bandwidth of fluentd container.
Take trap for example, every trap message will create 3 log events liking
[2022-02-07 05:34:59,998: INFO/MainProcess] Task splunk_connect_for_snmp.splunk.tasks.send[645d4655-f1e3-4d32-bec0-921892c5e7e4] received
[2022-02-07 05:34:59,997: INFO/ForkPoolWorker-4] Task splunk_connect_for_snmp.snmp.tasks.trap[edcaa561-3024-4b35-8c06-7093578f3f60] succeeded in 0.0019803130999207497s: {'time': 1644212099.9964473, 'result': {'SNMPv2-MIB::tuple=int=0': {'metrics': {...}, 'fields': {...}}}, 'address': '10.224.79.117', 'detectchange': False, 'sourcetype': 'sc4snmp:traps'}
[2022-02-07 05:34:59,996: INFO/ForkPoolWorker-1] Task splunk_connect_for_snmp.splunk.tasks.prepare[3a6e969c-41d1-420f-851c-aaf4f24e1265] succeeded in 0.0022489288821816444s: {'events': ['{"time": 1644212099.9924145, "event": "{"SNMPv2-MIB.snmpTrapOID": {"time": 1644212099.9924133, "type": "r", "value": "SNMPv2-MIB::coldStart", "oid": "1.3.6.1.6.3.1.1.4.1.0"}, "SNMPv2-MIB.sysUpTime": {"time": 1644212099.9923797, "type": "cc", "value": 1644212099.0, "oid": "1.3.6.1.2.1.1.3.0"}}", "source": "sc4snmp", "sourcetype": "sc4snmp:traps", "host": "10.224.79.117", "index": "netops"}'], 'metrics': []}
These events will also be parsed by fluentd and sent to Indexer.
Hello,
Right, the default value provided in the documentation is INFO
and it makes sense to change it to WARNING
.
In case you want to do it yourself for now, please set the logLevel
variable of worker
in values.yaml
file to WARNING
, like:
worker:
logLevel: "WARNING"
and run an upgrade of SC4SNMP.