otel_trace_group
The otel_trace_group
processor completes missing trace-group-related fields in the collection of span records by looking up the OpenSearch backend. The otel_trace_group
processor identifies the missing trace group information for a spanId
by looking up the relevant fields in its root span
stored in OpenSearch.
OpenSearch
When you connect to an OpenSearch cluster using your username and password, use the following example pipeline.yaml
file to configure the otel_trace_group
processor:
pipeline:
...
processor:
- otel_trace_group:
hosts: ["https://localhost:9200"]
cert: path/to/cert
username: YOUR_USERNAME_HERE
password: YOUR_PASSWORD_HERE
See OpenSearch security for a more detailed explanation of which OpenSearch credentials and permissions are required and how to configure those credentials for the OTel trace group processor.
Amazon OpenSearch Service
When you use Amazon OpenSearch Service, use the following example pipeline.yaml
file to configure the otel_trace_group
processor:
pipeline:
...
processor:
- otel_trace_group:
hosts: ["https://your-amazon-opensearch-service-endpoint"]
aws_sigv4: true
cert: path/to/cert
insecure: false
Configuration
You can configure the otel_trace_group
processor with the following options.
Name | Description | Default value |
---|---|---|
hosts | A list of IP addresses of OpenSearch nodes. Required. | No default value. |
cert | A certificate authority (CA) certificate that is PEM encoded. Accepts both .pem or .crt. This enables the client to trust the CA that has signed the certificate that OpenSearch is using. | null |
aws_sigv4 | A Boolean flag used to sign the HTTP request with AWS credentials. Only applies to Amazon OpenSearch Service. See OpenSearch security for details. | false . |
aws_region | A string that represents the AWS Region of the Amazon OpenSearch Service domain, for example, us-west-2 . Only applies to Amazon OpenSearch Service. | us-east-1 |
aws_sts_role_arn | An AWS Identity and Access Management (IAM) role that the sink plugin assumes to sign the request to Amazon OpenSearch Service. If not provided, the plugin uses the default credentials. | null |
aws_sts_header_overrides | A map of header overrides that the IAM role assumes for the sink plugin. | null |
insecure | A Boolean flag used to turn off SSL certificate verification. If set to true , CA certificate verification is turned off and insecure HTTP requests are sent. | false |
username | A string that contains the username and is used in the internal users YAML configuration file of your OpenSearch cluster. | null |
password | A string that contains the password and is used in the internal users YAML configuration file of your OpenSearch cluster. | null |
Configuration option examples
You can define the configuration option values in the aws_sts_header_overrides
option. See the following example:
aws_sts_header_overrides:
x-my-custom-header-1: my-custom-value-1
x-my-custom-header-2: my-custom-value-2
Metrics
The following table describes custom metrics specific to the otel_trace_group
processor.
Metric name | Type | Description |
---|---|---|
recordsInMissingTraceGroup | Counter | The number of ingress records missing trace group fields. |
recordsOutFixedTraceGroup | Counter | The number of egress records with successfully completed trace group fields. |
recordsOutMissingTraceGroup | Counter | The number of egress records missing trace group fields. |