Edge Delta Custom Processor

The Edge Delta custom processor performs any OTTL function.

3 minute read

Overview

The Custom processor enables you to specify any OTTL statement. This is useful of no other processor offers the function you require, or if you have the statements defined already and want to migrate them.

Configuration

In this example, the session_reason attribute was calculated by converting the session duration from seconds to hours using the Hours function, which converts a given duration into hours. The Format function was then used to construct a descriptive message that incorporates both the username and the calculated inactive hours

- name: Multi Processor
  type: sequence
  processors:
  - type: ottl_transform
    metadata: '{"id":"YbVsBDq1jERJV-r8e1i3Z","type":"ottl_transform","name":"Custom"}'
    statements: |-
      set(cache["inactive_hours"], Hours(Duration(attributes["Duration"])))
      set(attributes["session_reason"], Format(" The session for %s has been terminated after %f hours of inactivity", [attributes["user"],cache["inactive_hours"]]))

Options

Select a telemetry type

You can specify, log, metric, trace or all. It is specified using the interface, which generates a YAML list item for you under the data_types parameter. This defines the data item types against which the processor must operate. If data_types is not specified, the default value is all. It is optional.

It is defined in YAML as follows:

- name: multiprocessor
  type: sequence
  processors:
  - type: <processor type>
    data_types:
    - log

condition

The condition parameter contains a conditional phrase of an OTTL statement. It restricts operation of the processor to only data items where the condition is met. Those data items that do not match the condition are passed without processing. You configure it in the interface and an OTTL condition is generated. It is optional. You can select one of the following operators:

Operator	Name	Description	Example
`==`	Equal to	Returns `true` if both values are exactly the same	`attributes["status"] == "OK"`
`!=`	Not equal to	Returns `true` if the values are not the same	`attributes["level"] != "debug"`
`>`	Greater than	Returns `true` if the left value is greater than the right	`attributes["duration_ms"] > 1000`
`>=`	Greater than or equal	Returns `true` if the left value is greater than or equal to the right	`attributes["score"] >= 90`
`<`	Less than	Returns `true` if the left value is less than the right	`attributes["load"] < 0.75`
`<=`	Less than or equal	Returns `true` if the left value is less than or equal to the right	`attributes["retries"] <= 3`
`matches`	Regex match	Returns `true` if the string matches a regular expression	`isMatch(attributes["name"], ".*\\.name$"`

It is defined in YAML as follows:

- name: _multiprocessor
  type: sequence
  processors:
  - type: <processor type>
    condition: attributes["request"]["path"] == "/json/view"

OTTL Statement

You define the operation of the processor using one or more OTTL statements. This populates the statements parameter in the YAML.

- name: Multiprocessor
  type: sequence
  processors:
  - type: <processor type>
    statements: |-
      <OTTL statement>
      <OTTL statement>

Final

Determines whether successfully processed data items should continue through the remaining processors in the same processor stack. If final is set to true, data items output by this processor are not passed to subsequent processors within the node—they are instead emitted to downstream nodes in the pipeline (e.g., a destination). Failed items are always passed to the next processor, regardless of this setting.

The UI provides a slider to configure this setting. The default is false. It is defined in YAML as follows:

- name: multiprocessor
  type: sequence
  processors:
    - type: <processor type>
    final: true