1707538 – Fix typo of random_string that prevents forwarding to SYSLOG via UDP to fail

Bug 1707538 - Fix typo of random_string that prevents forwarding to SYSLOG via UDP to fail

Summary: Fix typo of random_string that prevents forwarding to SYSLOG via UDP to fail

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Logging
Sub Component:
Version:	4.1.0
Hardware:	x86_64
OS:	All
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	4.1.0
Assignee:	Noriko Hosoi
QA Contact:	Anping Li
Docs Contact:
URL:
Whiteboard:
Depends On:	1703904 1707899 1707901
Blocks:
TreeView+	depends on / blocked

Reported:	2019-05-07 18:12 UTC by Noriko Hosoi
Modified:	2020-01-27 13:55 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Cause: 1) There was a missing '@' for an instance variable in the fleuntd remote syslog plugin code. 2) There were some cases that systemd-journald logged non-decimal facility values. Consequence: 1) Forwarding logs to remote rsyslog via UDP failed. 2) Forwarding a log record including a non-digital facility value failed regardless of the network protocol. Fix: 1) The missing '@' was added. 2) The fluentd remote syslog plugin checks the facility value. If the value is not in the defined value set, it resets to the default value. Result: Forwarding logs remote rsyslog do not fail.
Clone Of:	1703904
Environment:
Last Closed:	2019-06-04 10:48:34 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2019:0758	0	None	None	None	2019-06-04 10:48:41 UTC

Comment 1 Anping Li 2019-05-20 11:15:30 UTC

I couldn't receive log on the rsyslog server.

cat /var/log/fluentd/fluentd.log

2019-05-20 11:09:12 +0000 [warn]: [elasticsearch-apps] buffer flush took longer time than slow_flush_log_threshold: elapsed_time=34.823131942001055 slow_flush_log_threshold=20.0 plugin_id="elasticsearch-apps"
2019-05-20 11:09:45 +0000 [warn]: [elasticsearch-apps] buffer flush took longer time than slow_flush_log_threshold: elapsed_time=32.84825437099971 slow_flush_log_threshold=20.0 plugin_id="elasticsearch-apps"
2019-05-20 11:09:48 +0000 [warn]: [elasticsearch-apps] buffer flush took longer time than slow_flush_log_threshold: elapsed_time=30.94880408499921 slow_flush_log_threshold=20.0 plugin_id="elasticsearch-apps"
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0
2019-05-20 11:10:11 +0000 [warn]: [remote-syslog-input] out:syslog: invalid facility value DHCP4; reset to default local0

steps: 
1) deploy logging
2) deploy rsyslogs server using cluster-admin in openshift-logging namespace
https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/logging/rsyslogserver/01_createsa.sh
https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/logging/rsyslogserver/02_creatersyslogserver.sh
3) patch cm/fluentd to send logs to rsyslog via UDP
https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/logging/rsyslogserver/03_patchcm.sh
4) Waiting logs in rsyslog server
oc logs $rsyslogserver -f

Comment 2 Anping Li 2019-05-20 11:17:47 UTC

By the ways, I can received the logs when use out_buffer_syslog

steps: 
1) deploy logging
2) deploy rsyslogs server using cluster-admin in openshift-logging namespace
https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/logging/rsyslogserver/01_createsa.sh
https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/logging/rsyslogserver/02_creatersyslogserver.sh
3) patch cm/fluentd to send logs to rsyslog via UDP
https://raw.githubusercontent.com/openshift-qe/v3-testfiles/master/logging/rsyslogserver/03_updateds.sh
4) Waiting logs in rsyslog server
oc logs $rsyslogserver -f

Comment 4 Anping Li 2019-05-20 13:20:20 UTC

I had a configuration error. I should export UDP 514 rather than TCP.

Comment 8 errata-xmlrpc 2019-06-04 10:48:34 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758

Note You need to log in before you can comment on or make changes to this bug.