We are trying to use the nginx logs that we’ve ingested into loki to find the number of requests group by the remote ip address.
sum_over_time({container="nginx", namespace="production"}| json | line_format "{{.log}}" | pattern `<ip> ` | unwrap ip [5m])
As one might expect we encounter SampleExtractionErr, however if we add the usual | __error__="" we get no results. This suggests that we’re encountering a error for every line. The sample provided in the error contains the parsed ip label so we’re not understanding what the actual problem is.
example parse error:
pipeline error: 'SampleExtractionErr' for series: '{__error__="SampleExtractionErr", container="nginx", host="ip-10-0-1-1", ip="123.456.7.89" log="123.456.7.89 - - [28/Jul/2022:13:28:18 -0400] \"GET..." Use a label filter to intentionally skip this error. (e.g | __error__!="SampleExtractionErr"). To skip all potential errors you can match empty errors.(e.g __error__="") The label filter can also be specified after unwrap. (e.g | unwrap latency | __error__="" )
Can anyone point us in the right direction?