代码之家 › 专栏 › 技术社区 › olegabr

Graylog 2.2.0测试版。1在具有UDP输入的Docker中:无法加载默认流

gelf graylog docker-compose udp docker

0

olegabr · 技术社区 · 9 年前

我试图使用graylog2从docker容器收集日志。Docs表示,仅支持UDP GELF输入。我正在使用docker compose来运行graylog服务器。请参阅所有使用文件的要点: https://gist.github.com/olegabr/7f5190c453bb63c71dabf151d2373c2f .

我用这个命令来测试它: sendip -p ipv4 -is 127.0.0.1 -p udp -us 5070 -ud 12201 -d '{"version": "1.1","host":"example.org","short_message":"Short message","full_message":"Backtrace here\n\nmore stuff","level":1,"_user_id":9001,"_some_info":"foo","_some_env_var":"bar"}' -v 127.0.0.1

服务器收到此消息,但无法处理。我在graylog2日志中看到以下内容: 2016-12-09 11:53:20,125 WARN : org.graylog2.bindings.providers.DefaultStreamProvider - Unable to load default stream, tried 1 times, retrying every 500ms. Processing is blocked until this succeeds. 2016-12-09 11:53:25,129 WARN : org.graylog2.bindings.providers.DefaultStreamProvider - Unable to load default stream, tried 11 times, retrying every 500ms. Processing is blocked until this succeeds.

e、 t.c.有许多类似的线路。

API调用 curl http://admin:123456@127.0.0.1:9000/api/count/total 返回 {"events":0}

在服务器日志中,我看到默认流已初始化: mongo_1 | 2016-12-09T11:51:12.522+0000 I INDEX [conn3] build index on: graylog.pipeline_processor_pipelines_streams properties: { v: 2, unique: true, key: { stream_id: 1 }, name: "stream_id_1", ns: "graylog.pipeline_processor_pipelines_streams" } graylog_1 | 2016-12-09 11:51:13,408 INFO : org.graylog2.periodical.Periodicals - Starting [org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration] periodical, running forever. graylog_1 | 2016-12-09 11:51:13,424 INFO : org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration - Legacy default stream has no connections, no migration needed. graylog_1 | 2016-12-09 11:51:13,487 INFO : org.graylog2.migrations.V20160929120500_CreateDefaultStreamMigration - Successfully created default stream: All messages graylog_1 | 2016-12-09 11:51:13,653 INFO : org.graylog2.migrations.V20161125142400_EmailAlarmCallbackMigration - No streams needed to be migrated. graylog_1 | 2016-12-09 11:51:13,662 INFO : org.graylog2.migrations.V20161125161400_AlertReceiversMigration - No streams needed to be migrated. graylog_1 | 2016-12-09 11:51:13,672 INFO : org.graylog2.migrations.V20161130141500_DefaultStreamRecalcIndexRanges - Cluster not connected yet, delaying migration until it is reachable.

那么,为什么消息到达时无法加载?为什么首先需要它?

我试图在网络上找到类似的报告,但没有成功。

2 回复 | 直到 9 年前

1

0

joschi 9 年前

Graylog 2.2.0测试版。1已损坏,不应使用。请降级到Graylog 2.1.2(最新稳定版本)或等待GrayLog2.2.0-beta.2。

看见 https://groups.google.com/forum/#!searchin/graylog2/docker|sort:date/graylog2/gCycC3_K3vU/EL-Lz_uNDQAJ 有关Graylog邮件列表上的相关文章。

2

-1

Alex G 9 年前

同样的麻烦只需设置graylog并配置输入gelf udp 12209端口

然后通过以下方法测试两次:

docker运行--log driver=gelf--log opt gelf地址=udp://127.0.0.1:12209busybox echo你好,Graylog

在UI中,我看到:

进程buff中的2条消息日志中当前有2条未处理的消息,分为1段。在最后一秒钟内附加了0条消息,在最后一秒内读取了0条。

并且仍然得到:

2016-12-09 12:41:23715信息:org.graylog2.inputs。InputStateListener-输入[GELF UDP/584aa67308813b00010d009e]现在正在运行 2016-12-09 12:41:43666警告:org.graylog2.bindings.providers。DefaultStreamProvider-无法加载默认流,尝试了1次,每500毫秒重试一次。处理将被阻止,直到成功。