NWRichmond
commented
2 months ago @iameru could you please send a HAR file that captures this? Thank you!
Open iameru opened 3 months ago
NWRichmond
commented
2 months ago @iameru could you please send a HAR file that captures this? Thank you!
What happened?
Hello. We have a grafana instance which gets sent rsyslog messages from a variant of servers (first to rsyslog, then to telegraf which inserts them into an
influxdb. some of them log appnames likesomeapp (.logorrun-parts(.logI use a dashboard to show different logs from servers. I had to workarout grafana breaking the dashboard by setting the regex inVariables/^.*(?<!\(|influxd-systemd-start.sh)$/meaning to only include lines not ending with(orinfluxd-systemd-start.sh. this means that these are excluded from the dashboard which is not a good solution (except for influxdb-systemd-start.sh of course).When I don't exclude these, I get some views not working at all, stating
Status: 500. Message: InfluxDB returned error: error parsing query: error parsing regexp: missing closing ):in all cases.I include a screenshot of one of the queries involved aswell.
What did you expect to happen?
appnames shouldn't be passed unsanatized in a query (if this is the case)
Did this work before?
no
How do we reproduce it?
hard to say as I am not a grafana expert. I'm not even completely sure the issue lies with the way grafana sends querys to influxdb. I'd try to produce logs with
util-linuxloggerand inserting them intoinfluxdb, then build a dashboard with them, for example by using https://grafana.com/grafana/dashboards/15644-syslog/Is the bug inside a dashboard panel?
It is, however it seems to me like the strings are not sanitized before building the query
Environment (with versions)?
Grafana: Version 10.3.1 OS: Kernel 6.1.0-17-amd64 Debian 12 Browser: Any
Grafana platform?
Other
Datasource(s)?
influxdb