zhmcclient / zhmc-log-forwarder

A forwarder for HMC audit and security logs
Apache License 2.0
0 stars 0 forks source link

syslog forward throws an exception #73

Closed aleadamah closed 1 month ago

aleadamah commented 1 month ago

Traceback (most recent call last): File "/root/zhmc-log-forwarder-venv/bin/zhmc_log_forwarder", line 8, in sys.exit(main()) File "/root/zhmc-log-forwarder-venv/lib/python3.10/site-packages/zhmc_log_forwarder/zhmc_log_forwarder.py", line 2131, in main hdlr.output_begin() File "/root/zhmc-log-forwarder-venv/lib/python3.10/site-packages/zhmc_log_forwarder/zhmc_log_forwarder.py", line 1537, in output_begin assert self.syslog_porttype == 'udp' AssertionError

stdout works as expected

yaml part

Destination:

# - 'stdout': Standard output.
# - 'stderr': Standard error.
# - 'syslog': Local or remote system log.
dest: syslog
andy-maier commented 1 month ago

@aleadamah I was able to reproduce the error when the config file in a forwarding item selected dest: syslog, but did not specify syslog_porttype.

You can solve this problem by specifying the other syslog related properties in the config file when you select syslog.

Please let me know whether that worked.

In addition, we should make the config file parsing more user friendly than it is currently.

aleadamah commented 1 month ago

Sorry it was already there.

aleadamah commented 1 month ago

cat config_zlf.yml | grep -v "^#|^$|^ #|^hmc_host|^hmc_user|^hmc_password"

hmc_verify_cert: false stomp_retry_timeout_config: {} label: myregion-myzone-myhmc since: now future: true selflog_dest: stdout selflog_format: '%(levelname)s: %(message)s' selflog_time_format: '%Y-%m-%d %H:%M:%S.%f%z' log_message_file: null check_data: {}

forwardings:
... name: Example forwarding logs: [security, audit] dest: syslog syslog_host: 127.0.0.1 syslog_port: 514 syslog_porttype: udp syslog_facility: user format: line line_format: '{time:32} {label} {log:8} {name:12} {id:>4} {user:20} {msg}' time_format: 'iso8601'

netstat -tulpn | grep 514 udp 0 0 0.0.0.0:514 0.0.0.0: 17289/rsyslogd udp6 0 0 :::514 ::: 17289/rsyslogd

andy-maier commented 1 month ago

@aleadamah Are you saying that the issue is now resolved?

andy-maier commented 1 month ago

No response since two weeks - I am closing the issue.

@aleadamah if the problem still exists, feel free to reopen this issue or to open a new issue.