CloudWatch Collector does not properly set namespace and container name metadata #3992
Description
Scenario
- Setup an AWS EKS Cluster using Fargate.
- Follow the guide at Fargate to get things setup so that the CloudWatch collector will get the logs from CloudWatch and send the logs off through the pipeline.
- Create a namespace named
my-namespace-abcd1234 - Make sure a Fargate profile is setup properly for pods in the above namespace so they are scheduled properly
- Create some pods in that namespace making sure the container name in the pod would be like
my-container-xyz987 - Wait for the logs to get fully submitted to SumoLogic
Expected Result
Now, in SumoLogic, I should be able to do a Log Search of namespace="my-namespace-abcd1234" and the logs from the pod in that namespace should qualify.
I should also be able to do a Log Search of container="my-container-xyz987" and the logs from that one container in the pod should qualify.
Actual Result
The Log Searches mentioned above in the Expected Result section return no results.
My Findings
Upon looking at otelcloudwatch/config.yaml, the regular expressions used to parse out the namespace and the name of the container in transform/metadata do not properly follow the naming convention at Working With Objects / Names
Using v4.16.0 of the SumoLogic Helm Chart (But I think this has been an issue for a very long time)
Using AWS EKS v1.33