Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow reader retry if acquisition file read fails #3316

Open
rr404 opened this issue Nov 7, 2024 · 2 comments
Open

Allow reader retry if acquisition file read fails #3316

rr404 opened this issue Nov 7, 2024 · 2 comments
Labels
kind/enhancement New feature or request needs/triage

Comments

@rr404
Copy link
Contributor

rr404 commented Nov 7, 2024
edited
Loading

/kind enhancement

What would you like to be added?

Context: Runnin crowdsec as non-root on Cloudways
Issue: "randomly" when log rotate, reader doesn't seem to have permission to read newly created file (maybe some weird race condition). It can work 3 days and crash the 4th or crash on first rotation, it seems random.
I assume it's because we're not root that this happens, but maybe there are other cases where log reader fails this way

Error:My crowdsec logs show this (I obfuscated the path):

time="2024-09-18T00:00:50Z" level=info msg="Re-opening moved/deleted file /<absolute_path>/nginx_wordpress-11111-11111.cloudwaysapps.com.access.log ..."

time="2024-09-18T00:00:50Z" level=warning msg="file reader of //<absolute_path>/nginx_wordpress-11111-11111.cloudwaysapps.com.access.log died : Unable to open file /<absolute_path>/nginx_wordpress-11111-11111.cloudwaysapps.com.access.log: open /<absolute_path>/nginx_wordpress-11111-11111.cloudwaysapps.com.access.log: permission denied" tail=/<absolute_path>/nginx_wordpress-11111-11111.cloudwaysapps.com.access.log type=file

Feature: Could we have a config to say that a reader retries like N times every X seconds if fails to read a rotating log ?

Why is this needed?

Be able to run CrowdSec on CloudWays managed servers (where we don't have root privileges)
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 7, 2024

@rr404: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 7, 2024

@rr404: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

  • /kind feature
  • /kind enhancement
  • /kind refactoring
  • /kind bug
  • /kind packaging
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement New feature or request needs/triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rr404