Support TLS settings when sending to Graylog #355

invidian · 2019-10-07T11:30:00Z

As a follow up to #145, it would be great if we could also configure TLS options using env variables.

invidian · 2019-10-07T13:21:31Z

It seems with this simple configuration snippet:

    protocol "tcp"
    tls true

I get following error:

2019-10-07 13:06:35 +0000 [warn]: #0 [out_graylog] failed to flush the buffer. error_class="NoMethodError" error="undefined method `closed?' for nil:NilClass" plugin_id="out_graylog"
2019-10-07 13:06:35 +0000 [warn]: #0 [out_graylog] got unrecoverable error in primary and no secondary error_class=NoMethodError error="undefined method `closed?' for nil:NilClass"
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/gelf-3.0.0/lib/gelf/transport/tcp.rb:22:in `reject'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/gelf-3.0.0/lib/gelf/transport/tcp.rb:22:in `block in send'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/gelf-3.0.0/lib/gelf/transport/tcp.rb:21:in `loop'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/gelf-3.0.0/lib/gelf/transport/tcp.rb:21:in `send'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/gelf-3.0.0/lib/gelf/notifier.rb:160:in `notify_with_level!'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/gelf-3.0.0/lib/gelf/notifier.rb:119:in `notify!'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluent-plugin-gelf-hs-1.0.8/lib/fluent/plugin/out_gelf.rb:92:in `block in write'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/event.rb:327:in `each'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/event.rb:327:in `block in each'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/plugin/buffer/memory_chunk.rb:81:in `open'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/plugin/buffer/memory_chunk.rb:81:in `open'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/event.rb:326:in `each'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluent-plugin-gelf-hs-1.0.8/lib/fluent/plugin/out_gelf.rb:90:in `write'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/compat/output.rb:131:in `write'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/plugin/output.rb:1125:in `try_flush'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/plugin/output.rb:1431:in `flush_thread_run'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/plugin/output.rb:461:in `block (2 levels) in start'
  2019-10-07 13:06:35 +0000 [warn]: #0 /fluentd/vendor/bundle/ruby/2.6.0/gems/fluentd-1.7.3/lib/fluent/plugin_helper/thread.rb:78:in `block in thread_create'
2019-10-07 13:06:35 +0000 [warn]: #0 [out_graylog] bad chunk is moved to /tmp/fluent/backup/worker0/out_graylog/59451b8670de4847070dced66cd07fa7.log

the TLS connection seems fine, when testing with this ruby snippet, which simulates what gelf output plugin is doing:

require 'socket'
require 'openssl'

myXML = '{"version": "1.1","host":"example.org","short_message":"Short message","full_message":"Backtrace here\n\nmore stuff","level":1,"_user_id":9001,"_some_info":"foo","_some_env_var":"bar"}'
host = 'graylog-tcp.graylog'
port = 12222

socket = TCPSocket.open(host,port)
ssl_context = OpenSSL::SSL::SSLContext.new()
ssl_context.cert_store = OpenSSL::X509::Store.new.tap do |store|
  store.set_default_paths
end
ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
ssl_socket.sync_close = true
ssl_socket.connect

ssl_socket.puts(myXML)
ssl_socket.close

It looks like https://github.com/hotschedules/fluent-plugin-gelf-hs/releases/tag/1.0.8 still use 3.0.0 version of gelf-rb and 3.1.0 is available already: https://github.com/graylog-labs/gelf-rb/releases/tag/v3.1.0, which contains a lot of new options and fixes.

repeatedly · 2020-03-05T04:13:51Z

gelf-rb has critical bug for fluentd and it is not fixed yet.

graylog-labs/gelf-rb#87

Please ping gelf-rb developers to fix the json issue.

github-actions · 2021-03-01T10:44:09Z

This issue has been automatically marked as stale because it has been open 90 days with no activity. Remove stale label or comment or this issue will be closed in 30 days

github-actions · 2021-04-01T10:16:12Z

This issue was automatically closed because of stale in 30 days

ciastooo · 2021-08-30T20:32:51Z

@invidian, @repeatedly seems like gelf-rb is no longer maintained. Is there any other way to resolve this error? Seems like it makes setting up tls impossible

invidian mentioned this issue Oct 7, 2019

Sending logs to Graylog #145

Closed

github-actions bot added the stale label Mar 1, 2021

github-actions bot closed this as completed Apr 1, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support TLS settings when sending to Graylog #355

Support TLS settings when sending to Graylog #355

invidian commented Oct 7, 2019

invidian commented Oct 7, 2019

repeatedly commented Mar 5, 2020 •

edited

Loading

github-actions bot commented Mar 1, 2021

github-actions bot commented Apr 1, 2021

ciastooo commented Aug 30, 2021

Support TLS settings when sending to Graylog #355

Support TLS settings when sending to Graylog #355

Comments

invidian commented Oct 7, 2019

invidian commented Oct 7, 2019

repeatedly commented Mar 5, 2020 • edited Loading

github-actions bot commented Mar 1, 2021

github-actions bot commented Apr 1, 2021

ciastooo commented Aug 30, 2021

repeatedly commented Mar 5, 2020 •

edited

Loading