Try it free

Technology bundle processors for logs

  • Latest Dynatrace
  • Reference
  • 4-min read

OpenPipeline provides out-of-the-box processors with tested log parsers for common technologies, platforms, and logging frameworks. These processors are called technology bundles and let you process logs quickly, without creating custom processors.

Overview

Technology bundles normalize diverse log formats into consistent attributes aligned with the Semantic Dictionary, automatically extract key fields, and enable immediate DQL enrichment, searching, and alerting for faster troubleshooting, reliable analytics, and improved data quality.

This page lists the available technology bundles and their processors.

Technology bundle activation in OpenPipeline

You can enable technology bundles as processors in any pipeline. In OpenPipeline, some technology bundles are enabled by default in the pre-processing stage and are applied to every pipeline, so you don't need to manually configure them.

To explore the details of every processor, go to Settings Settings > Process and contextualize > OpenPipeline > Logs and add a new processor. This requires at least one OpenPipeline pipeline. If you don't have one yet, follow the steps to set up a processing pipeline.

List of supported technologies

The following table lists the technology bundles available in OpenPipeline.

Use OpenPipeline OpenPipeline to check the library and validate outputs.

CategoryTechnologyProcessors

AWS

Amazon API Gateway

Amazon API Gateway Default processor, Amazon API Gateway Request Id processor, Amazon API Gateway WebSocket processor, Amazon API Gateway WebSocket CLF processor, Amazon API Gateway WebSocket JSON processor, Amazon API Gateway WebSocket XML processor, Amazon API Gateway WebSocket CSV processor

AWS

Amazon Aurora

Amazon Aurora Default processor, Amazon Aurora DA processor, Amazon Aurora Loglevel processor, Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon CloudFront

Amazon CloudFront JSON Format processor, Amazon CloudFront TXT Format processor, Amazon CloudFront Access Additional processor, Amazon CloudFront Non DA Fields processor, Loglevel from HTTP status code, Populate status value based on loglevel, Cleanup temporary fields, Cleanup aws.region, Cleanup http.response.size, Cleanup client.ip, Cleanup http.request.method, Cleanup http.server_name, Cleanup url.path, Cleanup http.response.status_code, Cleanup http.request.header.referer, Cleanup browser.user_agent, Cleanup url.query, Cleanup http.request.header.cookie, Cleanup aws.cloudfront.result_type, Cleanup http.request.id, Cleanup server.address, Cleanup network.protocol.name, Cleanup http.request.size, Cleanup duration, Cleanup origin.x_forwarded_for, Cleanup tls.cipher, Cleanup aws.cloudfront.response.result_type, Cleanup aws.fle.status, Cleanup aws.fle.fields_number, Cleanup client.port, Cleanup http.response.time_to_first_byte, Cleanup aws.cloudfront.detailed_result_type, Cleanup http.response.header.content-type, Cleanup http.request.body.size, Cleanup http.response.range_start_value, Cleanup http.response.range_end_value, Cleanup tls.protocol.name, Cleanup tls.protocol.version, Cleanup network.protocol.version

AWS

Amazon EKS

Amazon EKS Control Plane Scheduler, Amazon EKS Control Plane API Server, Amazon EKS Control Plane Controller Manager, Amazon EKS Control Plane Kube API Server Audit, Amazon EKS Control Plane Kube Controller Manager, Amazon EKS Control Plane Authenticator, Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon ElastiCache

Amazon ElastiCache - engine logs, Amazon ElastiCache - slow logs, Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon MSK Broker

Amazon MSK Broker (S3 ingestion), Amazon MSK Broker (Firehose ingestion), Amazon MSK Broker (CloudWatch ingestion), Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon MSK Connect

Amazon MSK Connect (S3 ingestion), Amazon MSK Connect (Firehose ingestion), Amazon MSK Connect (CloudWatch ingestion), Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon OpenSearch Service

Amazon OpenSearch Service Index Slow, Amazon OpenSearch Service Application, Amazon OpenSearch Service Search Slow, Amazon OpenSearch Service Audit, Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon Relational Database Service (RDS)

Amazon RDS Default processor, Amazon RDS DA processor, Amazon RDS DB2 diag.log processor, Amazon RDS DB2 notify.log processor, Amazon RDS Loglevel processor, Amazon RDS MySQL and MariaDB - Error processor, Amazon RDS MySQL and MariaDB - Slowquery processor, Amazon RDS Oracle Audit processor, Amazon RDS Oracle Listener processor, Amazon RDS PostgreSQL Default processor, Amazon RDS SQL Server Agent processor, Amazon RDS SQL Server Error processor, Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon Route 53

Amazon Route53 Public DNS, Loglevel from HTTP status code, Populate status value based on loglevel, Cleanup temporary fields

AWS

Amazon Simple Notification Service (SNS)

Amazon SNS Default processor, Amazon SNS DA processor, Amazon SNS Loglevel processor, Populate status value based on loglevel, Cleanup temporary fields, Cleanup http.response.status_code

AWS

Amazon Virtual Private Cloud Flow Default

Amazon VPC Flow Default processor, Cleanup source.ip, Cleanup destination.ip, Cleanup source.port, Cleanup destination.port, Cleanup packets.number, Cleanup bytes.number, Cleanup traffic.action, Cleanup network.protocol.name, Cleanup network.protocol.number

AWS

AWS App Runner

AWS App Runner Default processor, AWS App Runner Loglevel processor, Populate status value based on loglevel, AWS App Runner Default Loglevel processor

AWS

AWS CloudTrail

AWS CloudTrail JSON processor, Populate status value based on loglevel, Cleanup audit.identity, Cleanup audit.action, Cleanup aws.account.id, Cleanup aws.region, Cleanup aws.arn, Cleanup audit.time, Cleanup result.detail, Cleanup result.code, Cleanup result.message, Cleanup object.name, Cleanup object.id, Cleanup log.source, Cleanup client.ip, Cleanup actor.ips, Cleanup authentication.is_multifactor, Cleanup browser.user_agent

AWS

AWS Common

AWS Common Default processor

AWS

AWS Lambda

AWS Lambda Default processor, AWS Lambda Loglevel processor, AWS Lambda TXT Format processor, AWS Lambda JSON Format processor, AWS Lambda Start End Format processor, Populate status value based on loglevel, Validate timestamp parsing, AWS Lambda Default Loglevel processor, Cleanup temporary fields, Cleanup log.logger, Cleanup message, Cleanup aws.request_id

AWS

AWS Transit Gateway

AWS Transit Gateway Default Flow processor, Populate status value based on loglevel, Cleanup version, Cleanup aws.resource.type, Cleanup aws.account.id, Cleanup aws.tgw.id, Cleanup aws.tgw.attachment.id, Cleanup aws.tgw.source.vpc.account.id, Cleanup aws.tgw.destination.vpc.account.id, Cleanup aws.tgw.source.vpc.id, Cleanup aws.tgw.destination.vpc.id, Cleanup aws.tgw.source.subnet.id, Cleanup aws.tgw.destination.subnet.id, Cleanup aws.tgw.source.eni, Cleanup aws.tgw.destination.eni, Cleanup aws.tgw.source.availability_zone.id, Cleanup aws.tgw.destination.availability_zone.id, Cleanup aws.tgw.pair_attachment.id, Cleanup source.ip, Cleanup destination.ip, Cleanup source.port, Cleanup destination.port, Cleanup network.protocol.number, Cleanup packets.number, Cleanup bytes.number, Cleanup start_time, Cleanup end_time, Cleanup log.status, Cleanup traffic.type, Cleanup packets.lost.no_route, Cleanup packet.lost.blackhole, Cleanup packets.lost.mtu_exceeded, Cleanup packets.lost.ttl_expired, Cleanup tcp_flags, Cleanup aws.region, Cleanup flow.direction, Cleanup aws.source_service, Cleanup aws.destination_service

AWS

AWS WAF

AWS Waf Default processor, AWS Waf Http Request processor, AWS WAF Http Request Headers Inserted processor, AWS WAF Labels processor, AWS WAF Challenge Response processor, AWS WAF Captcha Response processor, AWS WAF Loglevel processor, Populate status value based on loglevel, Cleanup aws.log.format.version, Cleanup aws.web.acl.id, Cleanup terminating.rule.id, Cleanup terminating.rule.type, Cleanup traffic.action, Cleanup terminating.rule.match_details, Cleanup aws.source_service, Cleanup aws.source_service.id, Cleanup rule.group_list, Cleanup rate.based.rule.list, Cleanup non_terminating.matching_rules, Cleanup http.response.status_code, Cleanup ja3.fingerprint, Cleanup oversize_fields, Cleanup http.request, Cleanup client.ip, Cleanup http.request.country, Cleanup http.request.headers, Cleanup url.path, Cleanup url.query, Cleanup network.protocol.name, Cleanup network.protocol.version, Cleanup http.request.method, Cleanup http.request.id, Cleanup labels, Cleanup challenge.response, Cleanup challenge.response.code, Cleanup challenge.response.solve_timestamp, Cleanup challenge.response.failure_reason, Cleanup captcha.response, Cleanup captcha.response.code, Cleanup captcha.response.solve_timestamp, Cleanup captcha.response.failure_reason, Cleanup http.request.headers_inserted, Cleanup temporary fields

Applications

.NET

Serilog, Log4net, Microsoft Logging Extension, Nlog, Structured Message, Exception Stack Trace

Applications

Go

Default, Record-based Log (JSON or KVP)

Applications

Java

Spring Boot, Slf4j, Log4j, Logback, Util Logging, Default, Generic, Exception Stack Trace

Applications

NodeJS

Log4js Default, Morgan Tiny, Morgan Short, Morgan Dev, Morgan Common, Morgan Combined, Pino, Pino with severity level as string, Pino Pretty Format, Winston, Exception Stack Trace

Applications

PHP

Monolog, Laminas

Applications

Python

Default, Exception Stack Trace

Applications

Ruby

Default, Exception Stack Trace

Azure

Azure Application Gateway Logs

Access Log, WAF Firewall Log

Azure

Azure Entra ID Audit Logs

MS Entra ID Audit

Azure

Azure Function App Logs

Application Logs, Exception Logs

Azure

Azure Kubernetes Service (AKS) Logs

Kubernetes Audit, cloud-controller-manager, klog, Health Check Failure

Azure

Azure Load Balancer Logs

Health Event

Azure

Azure Services

Azure Common, Azure Activity Logs, Azure Operational Logs, Azure Container Service, Azure Function App, Azure API Management, Azure MariaDB, Azure MySQL, Azure MySQL Audit Logs, Azure MySQL Slow Logs, Azure PostgreSQL, Azure MSSQL, MSSQL Message Composition, MSSQL Loglevel

Databases

Cassandra

Logback, Dropped Messages, Keyspace Column Family

Databases

Elasticsearch

Default, Slow Log Index, Slow Log Search

Databases

PostgreSQL

Default, Query Logs, Cleanup Query Logs, Duration Logs, Json Logs, Json Query Logs

Databases

Redis

Docker, Server, Loglevel

Dev Tools

JFrog Artifactory

Generic, Request, Access, Access Audit, Access Security Audit

Message Brokers

Apache Kafka

Slf4j, Partition

Message Brokers

RabbitMQ

Default, Separators Format, Json

Servers

Apache HTTP

Access Logs, Error Logs

Servers

Apache Tomcat

Initial Log, Default

Servers

HAProxy

HTTP, HTTPS, TCP, Error, Default

Servers

JBoss

HTTP, Generic

Servers

Microsoft IIS

Default, NCSA, W3C Custom Format, Duration to nanoseconds conversion

Servers

Nginx

Access Log, Error Log

Syslog

Syslog

Cisco Switch C9300, 5424, 3164, Generic, Additional Fields, Loglevel

Migration from classic pipeline

Built-in processors are a classic pipeline concept. Their OpenPipeline equivalent is the technology bundle. Their functionality is similar, but technology bundles extract different fields. See Field name changes from classic pipeline for field-level differences.

If classic pipeline is your default for log processing, you can still apply technology bundles by creating a custom OpenPipeline pipeline. See Process logs with technology bundle parsers.

The table below shows the equivalent technology bundle for each classic processor.

Classic processorEquivalent technology bundle

[Built-in] web_server:nginx:access_log

Servers > Nginx > Nginx Access Log processor

[Built-in] web_server:nginx:error_log

Servers > Nginx > Nginx Error Log processor

[Built-in] db:cassandra:logback

Databases > Cassandra > Cassandra Logback processor

[Built-in] db:cassandra:dropped_messages

Databases > Cassandra > Cassandra Dropped Messages processor

[Built-in] db:cassandra:keyspace_column_family

Databases > Cassandra > Cassandra Keyspace Column Family processor

[Built-in] db:elasticsearch:default_log

Databases > Elasticsearch > Elasticsearch Default processor

[Built-in] db:elasticsearch:slow_log_index

Databases > Elasticsearch > Elasticsearch Slow Log Index processor

[Built-in] db:elasticsearch:slow_log_search

Databases > Elasticsearch > Elasticsearch Slow Log Search

[Built-in] load_balancer:haproxy:http

Servers > HAProxy > HAProxy HTTP processor

[Built-in] load_balancer:haproxy:tcp

Servers > HAProxy > HAProxy TCP processor

[Built-in] load_balancer:haproxy:error

Servers > HAProxy > HAProxy Error processor

[Built-in] load_balancer:haproxy:default

Servers > HAProxy > HAProxy Default processor

[Built-in] cloud:azure:common

Azure > Azure Services

[Built-in] cloud:aws:common

AWS > AWS Common

[Built-in] cloud:aws:apigateway

AWS > Amazon API Gateway

[Built-in] cloud:aws:lambda

AWS > AWS Lambda

[Built-in] cloud:aws:rds

AWS > Amazon Relational Database Service (RDS)

[Built-in] cloud:aws:rdsaurora

AWS > Amazon Aurora

[Built-in] cloud:aws:sns

AWS > Amazon Simple Notification Service (SNS)

[Built-in] cloud:aws:apprunner

AWS > AWS App Runner

[Built-in] cloud:aws:cloudtrail

AWS > AWS CloudTrail

Related topics

  • Changelog for log technology bundle processors
Related tags
Log Analytics