Adjust influxdb log level

[CyrilBrulebois]

With the default configuration, we got a couple of (overlong) lines from influxdb each and every second, flooding journalctl.

For example:

Apr 26 22:28:17 raspberrypi influxd[557]: ts=2022-04-26T21:28:17.387963Z lvl=info msg="Executing query" log_id=0a5wikwl000 service=query query="SELECT alert_severity, alert_signature, dest_ip FROM suricata.suricata_5d.alert WHERE alert_severity < 3 ORDER BY time DESC LIMIT 1"
Apr 26 22:28:17 raspberrypi influxd[557]: [httpd] 127.0.0.1 - - [26/Apr/2022:22:28:17 +0100] "GET /query?db=suricata&q=SELECT+%22alert_severity%22%2C+%22alert_signature%22%2C+%22dest_ip%22+FROM+%22alert%22+WHERE+alert_severity%3C3+ORDER+BY+time+DESC+LIMIT+1 HTTP/1.1" 200 57 "-" "python-requests/2.25.1" c9959087-c5a7-11ec-8554-000000000000 837

Let's see if we can tweak /etc/influxdb/influxdb.conf…

The former can be avoided with:

[logging]
…
  level = "warn"

(and maybe even "error" instead, moving away from the default "info" setting).

The latter can be avoided by having:

[http]
…
  # Determines whether HTTP request logging is enabled.
  log-enabled = false

[CyrilBrulebois]

This seems to work as well (instead of editing /etc/influxdb/influxdb.conf), and would probably be easier to maintain than having to locate-and-modify-or-add lines in various sections of a file:

root@raspberrypi:~# cat /etc/systemd/system/influxdb.service.d/pirogue-adjust-log-levels.conf
[Service]
Environment=INFLUXDB_LOGGING_LEVEL=warn
Environment=INFLUXDB_HTTP_LOG_ENABLED=false

Plus, modifying this file might trigger prompts later on when it's time to upgrade the influxdb package.

I'm not sure which pirogue package is the most suitable to ship this customization though.

[CyrilBrulebois]

Link to the upstream documentation for the version we're deploying (1.6.7~rc0-1): https://docs.influxdata.com/influxdb/v1.6/administration/config/

(By the way, upstream is at 2.2, using some RC for 1.6.7 feels a bit strange but if it works… :))