cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Log processing rule matcher is not working for attributes added in predecessor rule

pallepavan
Participant

Scenario: i two rules similar as below,

Rule 1 :  Adding a new attribute named service.name set to "example"
Rule 2 : use a log matcher to filter by matchesValue(service.name, "example")

But Rule 2 is never applied during log ingestion. Looks like some kind of issue with overlap of running Rule2 before the newly created attribute is available from Rule 1, is this an expected scenario ? 

1 REPLY 1

nils_stellhorn
Observer

Could you explain a little more about what you would like to do? If I understand you correctly, you would like to add a key-value pair "service.name": "example" to the JSON. Then you would like to create a second rule for further processing that matches if this condition applies. Can you send the processing rule that you have used and what you would like to have in the end here?

 

I think what you are trying to do is not possible. However, you can add multiple parse commands to first add the key-value pair and then filter on the new pair. More information can be found here:

Log processing examples (Logs Classic) | Dynatrace Docs

Featured Posts