Guide to drop logs

Overview

The filter processor in OpenTelemetry allows you to drop logs based on body, log level (aka severity text), or other attributes. This is useful if you want to exclude certain logs from being sent to SigNoz.

The filter processor is configured in the processors::filter section of the otel-collector-config.yaml file.

📝 Note

The processor needs to be added to the logs pipeline to take effect.

logs:
  receivers: [otlp]
  processors: [filter/drop_logs_by_severity_text, batch]
  exporters: [otlp]

Drop Logs

  1. Drop logs by log level / severity text
processors:
  filter/drop_logs_by_level:
    logs:
      log_record:
        - 'IsMatch(severity_text, "(?i)\b(DEBUG)\b")'
  1. Drop logs by body regex
processors:
  filter/drop_logs_by_body_regex:
    logs:
      log_record:
        - 'IsMatch(body, ".*password.*")'
  1. Drop logs by resource attributes (like service.name, host.name, k8s.pod.name, etc.)
processors:
  filter/drop_logs_by_label_values:
    logs:
      log_record:
        - resource.attributes["k8s.pod.name"] == "test-pod"
  1. Drop logs by resource attributes regex
processors:
  filter/drop_logs_by_label_values_regex:
    logs:
      log_record:
        - IsMatch(resource.attributes["k8s.pod.name"], "test-pod-.*")
  1. Drop logs by logs attributes (like remote_addr, user_agent.name, etc.)
processors:
  filter/drop_logs_by_label_values:
    logs:
      log_record:
        - attributes["user_agent.name"] == "Safari"
  1. Drop logs by logs attributes regex
processors:
  filter/drop_logs_by_label_values_regex:
    logs:
      log_record:
        - IsMatch(attributes["http.method"], "GET|POST")
  1. Exclude/Include/Filter logs in Kubernetes environments

For Kubernetes environments, you can also configure log exclusion/inclusion using the k8s-infra chart configuration. This provides a simpler way to exclude or include logs based on namespaces, pods, or containers without writing custom OpenTelemetry processors.

See our Kubernetes pod logs collection guide for detailed configuration examples including:

  • Excluding logs from specific namespaces, pods, or containers
  • Including only logs from specific namespaces, pods, or containers
  • Using filter operators for expression-based filtering

Refer to the OpenTelemetry documentation for more details on how to configure the filter processor.

Get Help

If you need help with the steps in this topic, please reach out to us on SigNoz Community Slack.

If you are a SigNoz Cloud user, please use in product chat support located at the bottom right corner of your SigNoz instance or contact us at cloud-support@signoz.io.

Was this page helpful?

Prev
Logs URL for Explorer
Next
PII Scrubbing
On this page
Overview
Drop Logs
Get Help
Docs
IntroductionContributingMigrate from DatadogSigNoz API
Community
Support
Slack
Twitter
Launch Week
Changelog
Dashboard Templates
Newsletter
More
SigNoz vs DatadogSigNoz vs New RelicSigNoz vs GrafanaSigNoz vs Dynatrace
Careers
AboutTermsPrivacySecurity & Compliance
SigNoz
All systems operational