4.0 KiB
4.0 KiB
| name | description | metadata | ||||
|---|---|---|---|---|---|---|
| bms-log-test-query | Query BMS (bms-sit) application logs from Elasticsearch via Kibana console proxy. Use when the user asks to check BMS logs, search BMS errors, or look up recent log entries. All queries go through Kibana at http://172.17.12.18:8000 — ES direct port is NOT accessible. |
|
BMS Log Query Skill
Scope: ONLY
bms-sitdata view →bms-test*andpms*indices.
Connection Details (DO NOT re-verify — confirmed working)
- Auth: Read from
~/.env(home directory):BMS_LOG_TEST_URL= Kibana proxy URLBMS_LOG_TEST_USERNAME= elasticBMS_LOG_TEST_PASSWORD= (stored in .env)
- ES Version: 8.6.1
- ES direct port: NOT accessible. All queries go through Kibana console proxy.
Data View Mapping
| Kibana Data View | ES Index Pattern |
|---|---|
bms-sit |
bms-test*, pms* |
Kibana Console Proxy Format
POST http://172.17.12.18:8000/api/console/proxy?path=<URL_ENCODED_ES_PATH>&method=<HTTP_METHOD>
Headers: kbn-xsrf: true, Content-Type: application/json
Index Pattern
bms-test-YYYY-MM-DD— daily rolling indices, ~2,000,000 docs/daypms-test-YYYY-MM-DD— PMS test logs, ~59,000 docs/day
Query Patterns
Latest N logs
POST /api/console/proxy?path=/bms-test-<DATE>/_search&method=GET
{
"sort": [{"@timestamp": "desc"}],
"size": 10
}
Search by keyword
POST /api/console/proxy?path=/bms-test-<DATE>/_search&method=GET
{
"query": {
"multi_match": {
"query": "<keyword>",
"fields": ["message", "error.message", "original_message"]
}
},
"sort": [{"@timestamp": "desc"}],
"size": 20
}
Search errors in time range
POST /api/console/proxy?path=/bms-test-<DATE>/_search&method=GET
{
"query": {
"bool": {
"must": [
{ "range": { "@timestamp": { "gte": "now-1h", "lte": "now" } } },
{ "match_phrase": { "message": "ERROR" } }
]
}
},
"size": 20,
"sort": [{"@timestamp": "desc"}]
}
Count docs
GET /api/console/proxy?path=/bms-test-<DATE>/_count&method=GET
Get mapping (available fields)
GET /api/console/proxy?path=/bms-test-<DATE>/_mapping&method=GET
Log Fields
| 字段 | 说明 |
|---|---|
@timestamp |
ES 时间戳 (ISO 8601) |
timestamp |
原始时间字符串 |
message |
日志正文 (中文/英文) |
original_message |
原始未格式化消息 |
level |
日志级别 (INFO, WARN, ERROR) |
app_name |
应用名 (如 bms-web) |
class |
Java 类名 |
thread |
线程名 (如 http-nio-8081-exec-59) |
traceId |
SkyWalking 链路追踪 ID |
parentTraceId |
父级追踪 ID |
stack_trace |
异常堆栈 (无异常时为空) |
host_ip |
主机 IP |
log_origin |
日志来源标识 |
Troubleshooting Guide — 排查链路问题
排查业务链路问题时,结合以下三个核心维度:
- message + 时间戳 — 定位具体操作和发生时间,快速缩小范围
- traceId — SkyWalking 分布式链路追踪 ID,可贯穿整个调用链(前端 → 网关 → 服务A → 服务B → DB)
- 大部分业务场景下 traceId 可完整贯穿
- 例外:xxljob 定时任务、dubbo 服务互相调用可能丢失 traceId
- thread — 单机线程名,辅助定位具体执行线程
- 测试环境通常单实例,thread 可直接定位
- 生产环境注意分布式问题:同一线程名可能出现在不同机器上,需结合
host_ip一起使用
推荐排查流程:
- 已知现象 → 用 message 关键词 + 时间范围找到第一条相关日志 → 提取 traceId → 用 traceId 查出完整链路 → 结合 thread + host_ip 定位具体节点
Rules
- Never re-probe ES connectivity — Kibana proxy is the only working method
- Never try ports 9200/9201/5601 — not accessible
- Never store credentials in this file
- When user says "查 bms-sit" → query
bms-test-*indices