Bug #13175: rudder agent log files content in user facility - Rudder - Issue Tracker

Actions

Copy link

Bug #13175

closed

rudder agent log files content in user facility

Added by tim c over 5 years ago. Updated almost 2 years ago.

Status:

Released

Priority:

N/A

Assignee:

Alexis Mousset

Category:

Generic methods

Target version:

4.3.5

Pull Request:

https://github.com/Normation/ncf/pull...

Severity:

UX impact:

User visibility:

Effort required:

Priority:

Name check:

Fix check:

Regression:

Description

Information about environement:

OS: Debian 9.5 and 8.11
syslog-ng version: 3.8 and 3.5
Rudder agent version: 4.3.3

When a « File content » directive run on a node, file content is logged in syslog-ng.

For example (syslog-ng trace) :

Aug  8 10:49:06 hostname syslog-ng[2552]: Incoming log entry; line='dummy line in a configuration file'

Aug  8 10:49:06 hostame syslog-ng[2552]: Filter rule evaluation begins; rule='f_syslog3', location='/etc/syslog-ng/syslog-ng.conf:131:19'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='facility'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='not-match', type='level'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='not-match', type='AND'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='filter(f_debug)'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='AND'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter rule evaluation result; result='match', rule='f_syslog3', location='/etc/syslog-ng/syslog-ng.conf:131:19'

Aug  8 10:49:06 hostame syslog-ng[2552]: Filter rule evaluation begins; rule='f_user', location='/etc/syslog-ng/syslog-ng.conf:132:16'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='facility'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='not-match', type='level'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='not-match', type='AND'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='filter(f_debug)'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='AND'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter rule evaluation result; result='match', rule='f_user', location='/etc/syslog-ng/syslog-ng.conf:132:16'

Aug  8 10:49:06 hostame syslog-ng[2552]: Filter rule evaluation begins; rule='f_messages', location='/etc/syslog-ng/syslog-ng.conf:119:20'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='level'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='facility'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter node evaluation result; result='match', type='AND'
Aug  8 10:49:06 hostame syslog-ng[2552]: Filter rule evaluation result; result='match', rule='f_messages', location='/etc/syslog-ng/syslog-ng.conf:119:20'

At the moment we have created a syslog-ng rule to redirect every lines coming from user facility to /dev/null but is not convenient because some applications use this facility too.

If you need our syslog-ng configuration tell us.

Related issues 1 (0 open — 1 closed)

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

Bug #13175

rudder agent log files content in user facility

Updated by Benoît PECCATTE over 5 years ago

Updated by Benoît PECCATTE over 5 years ago

Updated by Nicolas CHARLES over 5 years ago

Updated by Nicolas CHARLES over 5 years ago

Updated by Nicolas CHARLES over 5 years ago

Updated by Nicolas CHARLES over 5 years ago

Updated by Nicolas CHARLES over 5 years ago

Updated by Vincent MEMBRÉ over 5 years ago

Updated by Alexis Mousset almost 2 years ago