Fluent Bit occasionally corrupts/truncates log entries when processing multiple log files. #8798
Labels
status: waiting-for-triage
waiting-for-user
Waiting for more information, tests or requested changes
Bug Report
Describe the bug
Fluent Bit occasionally corrupts/truncates log entries when processing multiple log files. To be sure, that issue does not occur on Elasticsearch side where logs end up, 2 different outputs were set up to prove that something is wrong with Fluentbit. Moreover, when resending same log twice (locally), it is being shipped properly, so it seems that Fluentbit does not cope well when there are multiple log files.
Original log from the file:
Log from http output (elasticsearch v 8.8.1):
Log from es output (elasticsearch v 8.12.2):
For some reason, the log is corrupted/truncated in this place "messageTemplate":"The request is insecu"Id":2}.
Context
Currently Fluentbit is deployed as a
Deployment
in Kubernetes environment. 1 Fluentbit instance per 1 namespace. In namespace there are multiple apps that write their logs to file. Fluentbit watches around 51 files (but might be up to 150). The evidence is below:Your Environment
fluent-bit:2.2.2-debug
Kubernetes
kind: Deployment
Configuration
fluent-bit.conf:
custom-parsers.conf:
The text was updated successfully, but these errors were encountered: