Configurable delay to consider a line complete for the file source

[s-at-ik]

A note for the community

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Use Cases

A third party program (on which I have little to no control) outputs its logs in multi-line xml. If that wasn't bad enough, the logs always start with a newline but do not end with a newline.

The log will look something like this:

<?xml version="1.0" encoding="UTF-8"?><a><lot><of></of></lot><tags/></a>

<?xml version="1.0"?>
<a>
<lot>
  <of></of>
</lot>
<tags/>
</a>

<?xml version="1.0" encoding="UTF-8"?><a><lot><of>
</of></lot><tags/></a>

<?xml version="1.0"?>
<a><lot><of></of></lot><tags/></a>

Attempted Solutions

I've written a set of transform to read these log which works fine when sourcing a static file with a newline at the end:

sources:
    source_logs_xml:
        type: file
        include:
            - /var/log/log.xml
        multiline:
          start_pattern: "^<\?xml"
          mode: halt_with
          condition_pattern: "</a>$"
          timeout_ms: 1000
transforms:
    drop_empty_xml_logs:
      type: filter
      inputs:
        - source_logs_xml
      condition: "!is_nullish(.message)"
    transform_xml_logs:
        inputs:
            - drop_empty_xml_logs
        source: |-
            . |= object!(parse_xml!(.message))
            del(.message)
        type: remap

However when reading the actual log file, due to the lack of newline character on the last line, the input received by the transform looks like (ignoring empty logs):

<?xml version="1.0" encoding="UTF-8"?><a><lot><of></of></lot><tags/></a>

<?xml version="1.0"?>
<a>
<lot>
  <of></of>
</lot>
<tags/>

</a>

<?xml version="1.0" encoding="UTF-8"?><a><lot><of>

</of></lot><tags/></a>

<?xml version="1.0"?>

<a><lot><of></of></lot><tags/></a>

As you'd expected, not much ends up as valid xml.

Proposal

As suggested by @jszwedko in #18341 , a configurable timeout for vector to consider the current line complete would alleviate this problem. In my use case it could be set to a value slightly lower than multiline.timeout_ms to ensure the last line gets properly included.

Alternatively multiline could include the current line buffer when its timeout expires, but I find this solution less elegant and less logical.

References

#18341

Version

vector 0.32.1 (x86_64-unknown-linux-gnu 9965884 2023-08-21 14:52:38.330227446)

[pgmillon]

Magento's exception log doesn't include an EOL character for the last line, causing Vector to systematically loose the last line of the stack traces:

2013-02-12T09:30:25+00:00 ERR (3):
exception 'Mage_Customer_Exception' with message 'This customer email already exists' in /usr/local/share/xyz.com/app/Mage.php:579
Stack trace:
#0 /usr/local/share/xyz.com/app/code/core/Mage/Customer/Model/Resource/Customer.php(99): Mage::exception('Mage_Customer', 'This customer e...', 3)
#1 /usr/local/share/xyz.com/app/code/core/Mage/Eav/Model/Entity/Abstract.php(1122): Mage_Customer_Model_Resource_Customer->_beforeSave(Object(Mage_Customer_Model_Customer))
#2 /usr/local/share/xyz.com/app/code/core/Mage/Core/Model/Abstract.php(318): Mage_Eav_Model_Entity_Abstract->save(Object(Mage_Customer_Model_Customer))
#3 /usr/local/share/xyz.com/app/code/core/Mage/Core/Model/Resource/Transaction.php(151): Mage_Core_Model_Abstract->save()
#4 /usr/local/share/xyz.com/app/code/core/Mage/Sales/Model/Service/Quote.php(189): Mage_Core_Model_Resource_Transaction->save()
#5 /usr/local/share/xyz.com/app/code/core/Mage/Sales/Model/Service/Quote.php(249): Mage_Sales_Model_Service_Quote->submitOrder()
#6 /usr/local/share/xyz.com/app/code/core/Mage/Checkout/Model/Type/Onepage.php(774): Mage_Sales_Model_Service_Quote->submitAll()
#7 /usr/local/share/xyz.com/app/code/core/Mage/Checkout/controllers/OnepageController.php(511): Mage_Checkout_Model_Type_Onepage->saveOrder()
#8 /usr/local/share/xyz.com/app/code/core/Mage/Core/Controller/Varien/Action.php(419): Mage_Checkout_OnepageController->saveOrderAction()
#9 /usr/local/share/xyz.com/app/code/core/Mage/Core/Controller/Varien/Router/Standard.php(250): Mage_Core_Controller_Varien_Action->dispatch('saveOrder')
#10 /usr/local/sharexyz.com//app/code/core/Mage/Core/Controller/Varien/Front.php(176): Mage_Core_Controller_Varien_Router_Standard->match(Object(Mage_Core_Controller_Request_Http))
#11 /usr/local/sharexyz.com//app/code/core/Mage/Core/Model/App.php(354): Mage_Core_Controller_Varien_Front->dispatch()
#12 /usr/local/sharexyz.com//app/Mage.php(683): Mage_Core_Model_App->run(Array)
#13 /usr/local/sharexyz.com//index.php(87): Mage::run('default', 'store')
#14 {main}

[fpytloun]

Just came to this issue after few hours of debugging (multiline, transforms, line delimiter) in use case where I just want to grab file as is and forward upstream as is.
In my opinion this is critical bug causing data loss rather than a feature request! 😯