The Severity Filter processor can be used to filter out logs that do not meet a given severity threshold.
| Metrics | Logs | Traces |
|---|---|---|
| ✓ |
| Parameter | Type | Default | Description |
|---|---|---|---|
| severity | enum |
TRACE |
Minimum severity to match. Log entries with lower severities will be filtered. |
| condition | string |
true |
An OTTL expression used to match which log records to sample from. All paths in the log context are available to reference. All converters are available to use. |
Valid severity levels:
Filter out INFO and TRACE logs where Attribute ID is less than 3.
apiVersion: bindplane.observiq.com/v1
kind: Processor
metadata:
id: severity-filter
name: severity-filter
spec:
type: filter_severity
parameters:
- name: severity
value: WARN
- name: condition
value:
ottl: (attributes["ID"] < 3)
ui:
operator: ''
statements:
- key: ID
match: attributes
operator: <
value: '3'
apiVersion: bindplane.observiq.com/v1
kind: Configuration
metadata:
id: severity-filter
name: severity-filter
labels:
platform: linux
spec:
sources:
- type: journald
parameters:
- name: units
value: []
- name: directory
value: ''
- name: priority
value: info
- name: start_at
value: end
processors:
- type: filter_severity
parameters:
- name: severity
value: WARN
- name: condition
value:
ottl: (attributes["ID"] < 3)
ui:
operator: ''
statements:
- key: ID
match: attributes
operator: <
value: '3'
selector:
matchLabels:
configuration: severity-filter