Graylog 2.2.0-beta.1 in Docker with UDP 输入:无法加载默认流
Graylog 2.2.0-beta.1 in Docker with UDP input: Unable to load default stream
我正在尝试使用 graylog2 从 docker 容器中收集日志。文档说为此目的仅支持 UDP GELF 输入。
我正在使用 docker-compose 到 运行 graylog 服务器。请参阅要点以了解所有使用的文件:https://gist.github.com/olegabr/7f5190c453bb63c71dabf151d2373c2f.
我正在使用这个命令来测试它:
sendip -p ipv4 -is 127.0.0.1 -p udp -us 5070 -ud 12201 -d '{"version": "1.1","host":"example.org","short_message":"Short message","full_message":"Backtrace here\n\nmore stuff","level":1,"_user_id":9001,"_some_info":"foo","_some_env_var":"bar"}' -v 127.0.0.1
服务器收到此消息,但无法处理。我在 graylog2 日志中看到以下内容:
2016-12-09 11:53:20,125 WARN : org.graylog2.bindings.providers.DefaultStreamProvider - Unable to load default stream, tried 1 times, retrying every 500ms. Processing is blocked until this succeeds.
2016-12-09 11:53:25,129 WARN : org.graylog2.bindings.providers.DefaultStreamProvider - Unable to load default stream, tried 11 times, retrying every 500ms. Processing is blocked until this succeeds.
e.t.c。许多相似的台词。
API调用curl http://admin:123456@127.0.0.1:9000/api/count/totalreturns
{"events":0}
在服务器日志中,我看到默认流已初始化:
mongo_1 | 2016-12-09T11:51:12.522+0000 I INDEX [conn3] build index on: graylog.pipeline_processor_pipelines_streams properties: { v: 2, unique: true, key: { stream_id: 1 }, name: "stream_id_1", ns: "graylog.pipeline_processor_pipelines_streams" }
graylog_1 | 2016-12-09 11:51:13,408 INFO : org.graylog2.periodical.Periodicals - Starting [org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration] periodical, running forever.
graylog_1 | 2016-12-09 11:51:13,424 INFO : org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration - Legacy default stream has no connections, no migration needed.
graylog_1 | 2016-12-09 11:51:13,487 INFO : org.graylog2.migrations.V20160929120500_CreateDefaultStreamMigration - Successfully created default stream: All messages
graylog_1 | 2016-12-09 11:51:13,653 INFO : org.graylog2.migrations.V20161125142400_EmailAlarmCallbackMigration - No streams needed to be migrated.
graylog_1 | 2016-12-09 11:51:13,662 INFO : org.graylog2.migrations.V20161125161400_AlertReceiversMigration - No streams needed to be migrated.
graylog_1 | 2016-12-09 11:51:13,672 INFO : org.graylog2.migrations.V20161130141500_DefaultStreamRecalcIndexRanges - Cluster not connected yet, delaying migration until it is reachable.
那么,为什么消息来了却加载不出来呢?为什么首先需要它?
我试图在网络上找到类似的报告,但没有成功。
同样的麻烦
只需设置 graylog 并配置输入 gelf udp 12209 端口
然后通过以下方式测试两次:
docker 运行 --log-driver=gelf --log-opt gelf-address=udp://127.0.0.1:12209 busybox echo Hello Graylog
在 UI 我看到:
进程缓冲区中有 2 条消息
2 个未处理的消息当前在日志中,在 1 个段中。
上一秒已追加0条消息,上一秒已阅读0条消息。
并且仍然得到:
2016-12-09 12:41:23,715 信息:org.graylog2.inputs.InputStateListener - 输入 [GELF UDP/584aa67308813b00010d009e] 现在是 运行
2016-12-09 12:41:43,666 警告:org.graylog2.bindings.providers.DefaultStreamProvider - 无法加载默认流,尝试了 1 次,每 500 毫秒重试一次。处理被阻止,直到成功。
有人找到解决办法了吗?
这与UDP输入本身无关。
Graylog 2.2.0-beta.1 已损坏,不应使用。请降级至Graylog 2.1.2(最新稳定版)或等待Graylog 2.2.0-beta.2。
有关 Graylog 邮件列表中的相关 post,请参阅 https://groups.google.com/forum/#!searchin/graylog2/docker|sort:date/graylog2/gCycC3_K3vU/EL-Lz_uNDQAJ。
我正在尝试使用 graylog2 从 docker 容器中收集日志。文档说为此目的仅支持 UDP GELF 输入。 我正在使用 docker-compose 到 运行 graylog 服务器。请参阅要点以了解所有使用的文件:https://gist.github.com/olegabr/7f5190c453bb63c71dabf151d2373c2f.
我正在使用这个命令来测试它:
sendip -p ipv4 -is 127.0.0.1 -p udp -us 5070 -ud 12201 -d '{"version": "1.1","host":"example.org","short_message":"Short message","full_message":"Backtrace here\n\nmore stuff","level":1,"_user_id":9001,"_some_info":"foo","_some_env_var":"bar"}' -v 127.0.0.1
服务器收到此消息,但无法处理。我在 graylog2 日志中看到以下内容:
2016-12-09 11:53:20,125 WARN : org.graylog2.bindings.providers.DefaultStreamProvider - Unable to load default stream, tried 1 times, retrying every 500ms. Processing is blocked until this succeeds.
2016-12-09 11:53:25,129 WARN : org.graylog2.bindings.providers.DefaultStreamProvider - Unable to load default stream, tried 11 times, retrying every 500ms. Processing is blocked until this succeeds.
e.t.c。许多相似的台词。
API调用curl http://admin:123456@127.0.0.1:9000/api/count/totalreturns
{"events":0}
在服务器日志中,我看到默认流已初始化:
mongo_1 | 2016-12-09T11:51:12.522+0000 I INDEX [conn3] build index on: graylog.pipeline_processor_pipelines_streams properties: { v: 2, unique: true, key: { stream_id: 1 }, name: "stream_id_1", ns: "graylog.pipeline_processor_pipelines_streams" }
graylog_1 | 2016-12-09 11:51:13,408 INFO : org.graylog2.periodical.Periodicals - Starting [org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration] periodical, running forever.
graylog_1 | 2016-12-09 11:51:13,424 INFO : org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration - Legacy default stream has no connections, no migration needed.
graylog_1 | 2016-12-09 11:51:13,487 INFO : org.graylog2.migrations.V20160929120500_CreateDefaultStreamMigration - Successfully created default stream: All messages
graylog_1 | 2016-12-09 11:51:13,653 INFO : org.graylog2.migrations.V20161125142400_EmailAlarmCallbackMigration - No streams needed to be migrated.
graylog_1 | 2016-12-09 11:51:13,662 INFO : org.graylog2.migrations.V20161125161400_AlertReceiversMigration - No streams needed to be migrated.
graylog_1 | 2016-12-09 11:51:13,672 INFO : org.graylog2.migrations.V20161130141500_DefaultStreamRecalcIndexRanges - Cluster not connected yet, delaying migration until it is reachable.
那么,为什么消息来了却加载不出来呢?为什么首先需要它?
我试图在网络上找到类似的报告,但没有成功。
同样的麻烦 只需设置 graylog 并配置输入 gelf udp 12209 端口
然后通过以下方式测试两次:
docker 运行 --log-driver=gelf --log-opt gelf-address=udp://127.0.0.1:12209 busybox echo Hello Graylog
在 UI 我看到:
进程缓冲区中有 2 条消息 2 个未处理的消息当前在日志中,在 1 个段中。 上一秒已追加0条消息,上一秒已阅读0条消息。
并且仍然得到:
2016-12-09 12:41:23,715 信息:org.graylog2.inputs.InputStateListener - 输入 [GELF UDP/584aa67308813b00010d009e] 现在是 运行 2016-12-09 12:41:43,666 警告:org.graylog2.bindings.providers.DefaultStreamProvider - 无法加载默认流,尝试了 1 次,每 500 毫秒重试一次。处理被阻止,直到成功。
有人找到解决办法了吗?
这与UDP输入本身无关。
Graylog 2.2.0-beta.1 已损坏,不应使用。请降级至Graylog 2.1.2(最新稳定版)或等待Graylog 2.2.0-beta.2。
有关 Graylog 邮件列表中的相关 post,请参阅 https://groups.google.com/forum/#!searchin/graylog2/docker|sort:date/graylog2/gCycC3_K3vU/EL-Lz_uNDQAJ。