Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JSON output from karmor logs --json is not beautified #439

Open
navin772 opened this issue Jun 5, 2024 · 7 comments · May be fixed by #447
Open

JSON output from karmor logs --json is not beautified #439

navin772 opened this issue Jun 5, 2024 · 7 comments · May be fixed by #447

Comments

@navin772
Copy link

navin772 commented Jun 5, 2024

Currently karmor logs --json gives a cluttered output in a single line:

{"Timestamp":1717591294,"UpdatedTime":"2024-06-05T12:41:34.673689Z","ClusterName":"default","HostName":"navin","NamespaceName":"wordpress-mysql","Owner":{"Ref":"Deployment","Name":"wordpress","Namespace":"wordpress-mysql"},"PodName":"wordpress-78bc585459-626nf","Labels":"app=wordpress","ContainerID":"26f3f479957b89e219806d62df04234a8f1660029346d11239fa9fd86f7a3cc9","ContainerName":"wordpress","ContainerImage":"wordpress:4.8-apache@sha256:6216f64ab88fc51d311e38c7f69ca3f9aaba621492b4f1fa93ddf63093768845","HostPPID":39028,"HostPID":39354,"PPID":193,"PID":199,"UID":0,"ProcessName":"/usr/bin/curl","PolicyName":"DefaultPosture","Type":"MatchedPolicy","Source":"/usr/bin/curl goo.gl","Operation":"Network","Resource":"protocol=UDP,type=SOCK_DGRAM","Data":"lsm=SOCKET_CREATE protocol=UDP,type=SOCK_DGRAM","Enforcer":"BPFLSM","Action":"Block","Result":"Permission denied","Cwd":"/"}

By using MarshalIndent instead of Marshal we can get beautified output like this:

{
  "Timestamp": 1717591662,
  "UpdatedTime": "2024-06-05T12:47:42.500041Z",
  "ClusterName": "default",
  "HostName": "navin",
  "NamespaceName": "wordpress-mysql",
  "Owner": {
    "Ref": "Deployment",
    "Name": "wordpress",
    "Namespace": "wordpress-mysql"
  },
  "PodName": "wordpress-78bc585459-626nf",
  "Labels": "app=wordpress",
  "ContainerID": "26f3f479957b89e219806d62df04234a8f1660029346d11239fa9fd86f7a3cc9",
  "ContainerName": "wordpress",
  "ContainerImage": "wordpress:4.8-apache@sha256:6216f64ab88fc51d311e38c7f69ca3f9aaba621492b4f1fa93ddf63093768845",
  "HostPPID": 39028,
  "HostPID": 43125,
  "PPID": 193,
  "PID": 201,
  "UID": 0,
  "ProcessName": "/usr/bin/curl",
  "PolicyName": "DefaultPosture",
  "Type": "MatchedPolicy",
  "Source": "/usr/bin/curl goo.gl",
  "Operation": "Network",
  "Resource": "protocol=UDP,type=SOCK_DGRAM",
  "Data": "lsm=SOCKET_CREATE protocol=UDP,type=SOCK_DGRAM",
  "Enforcer": "BPFLSM",
  "Action": "Block",
  "Result": "Permission denied",
  "Cwd": "/"
}

Let me know if this is required, I will create a PR for the same.
@DelusionalOptimist
Copy link
Member

This sounds good to me. Though users can use external tools like jq for beautifying but having the ability to do so in karmor itself might come in handy if user doesn't have the tools present.
IMO We can keep the default output as non-beautified and have a --beautify flag which will pretty-print the JSON.
cc @daemon1024 @kranurag7

@kranurag7
Copy link
Member

Agree with Rudraksh here, We also ingest these logs to some logging solutions which will prefer the default that we have now.

For flag I think we can go for something like --format and --output with value of jsonindent or similar something. With this, we can support multiple values in future if required like yaml, table etc. that we have with other CLIs.

@navin772
Copy link
Author

So, the final command will look something like karmor logs --output jsonindent replacing the --json flag completely?

This will require a docs update as --json flag is used widely. Thoughts?

@kranurag7
Copy link
Member

kranurag7 commented Jun 19, 2024
edited
Loading

Don't remove --json that would be a breaking change and we should avoid that.
Adding another value to the flag would be ideal I think.

Edit: We can discuss more on if jsonindent is the name we prefer because it doesn't sound intuitive in my head.

@DelusionalOptimist
Copy link
Member

Yes... let's keep the current output and also the --json flag. We can add an --output/-o flag:
--output json - plain json
--output pretty-json - beautified json
--output text - usual text output

@navin772
Copy link
Author

This looks good, so the final commands will look something like:
karmor logs --output json
karmor logs --output pretty-json
karmor logs --output text

The --json flag will still be present:
karmor logs --json

And the normal log output:
karmor logs

Right?

@EraKin575
Copy link
Contributor

Hi, @navin772 ! Can I work on this enhancement?

@EraKin575 EraKin575 mentioned this issue Jun 25, 2024
Closed
@navin772 navin772 linked a pull request Jun 27, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@DelusionalOptimist @kranurag7 @navin772 @EraKin575