issue: 4040970: [UFM Events Grafana Dashboard Plugin] Improve the log…

…s parsing regex to handle the anomalous events. (#269)

plugins/ufm_events_grafana_dashboard_plugin/README.md

@@ -0,0 +1,26 @@
+# UFM Events Grafana Dashboard Plugin
+
+## Overview
+This plugin monitors and parses UFM events from the `event.log` file using Fluentd. It pushes the logs to a Loki server and visualizes them through Grafana dashboards.
+
+## Installation
+1. **Install Plugin** on UFM.
+2. **Access Grafana Dashboard** at: `http://<IP>:3002` (default credentials: `admin/admin`).
+
+## Components
+- **Fluentd**: Parses `event.log` file, extracts relevant fields, and pushes logs to Loki.
+- **Loki**: Aggregates and stores logs.
+- **Grafana**: Visualizes logs with predefined panels (e.g., Events Stats, Topology Changes, Hardware Events).
+
+## Configuration Files
+- Fluentd: `/opt/ufm/files/conf/plugins/ufm_events_grafana_dashboard/fluentd/fluentd.conf`
+- Loki: `/opt/ufm/files/conf/plugins/ufm_events_grafana_dashboard/loki/loki-local-config.yaml`
+- Grafana: `/opt/ufm/files/conf/plugins/ufm_events_grafana_dashboard/grafana/grafana.ini`
+
+## Logs
+Plugin logs are stored in `/opt/ufm/files/log/plugins/ufm_events_grafana_dashboard/`.
+
+## Usage
+Navigate to Grafana -> Dashboards -> UFM Events to view predefined panels or create custom queries under the Explore section.
+
+![Dashboard Screenshot](./grafana_dashboard.png)

plugins/ufm_events_grafana_dashboard_plugin/conf/fluentd/fluentd.conf

@@ -10,7 +10,7 @@
     # some logs might be multilines entry that should be handled:
     @type multiline
     format_firstline /^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3})/ # to match the first line of a log entry, which is date time format
-    format1 /^(?<timestamp>[\d\-]+ [\d\:\.]+) \[\d+\] \[\d+\] (?<severity>\w+) (?:Site \[[\w-]*\] )?\[(?<event_type>\w+)\] (?<object_type>\w+) \[(?<object_id>.*)\]\: (((?<event>[ \w\/\-]+)((\,|\:|\.) (?<event_details>.*))?)|(?<event_fallback>.*))$/
+    format1 /^(?<timestamp>[\d\-]+ [\d\:\.]+) \[\d+\] \[\d+\] (?<severity>\w+) (?:Site \[[\w-]*\] )?\[(?<event_type>\w+)\] (?<object_type>\w+) \[(?<object_id>.*)\]\: (((?<event>[ \w]+)((\,|\:|\.|\-) (?<event_details>.*))?)|(?<event_fallback>.*))$/
     time_key timestamp
     time_format %Y-%m-%d %H:%M:%S.%L
   </parse>

plugins/ufm_events_grafana_dashboard_plugin/conf/fluentd/parse_object_id.rb

@@ -42,6 +42,8 @@ def filter(tag, time, record)
     else
       record['object_id'] = objtype
     end
+  when 'Grid'
+    record['object_type'] = 'UFM'
   else
     record['object_id'] = objtype
   end