When action.errorfile.maxsize configuration
option is enabled and error file already has a
certain size smaller than max size configured,
it is increasing higher than configured max
size as the error file is considered
to be zero in code.
This fix reads current error file size and
limits the size to the maximum size configured
fixes#4821
Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>
action.errorfile.maxsize has been added to enable
option to limit the amount of bytes dumped to
configured errorfile
fixes#4733
Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>
The order of execution was changed to a less optimal (more startups,
thus slower) order to work-around a testbench issue. This has been
fixed and so we can restore the original order.
When bulkmode is enabled, and a batch was processed without any
failures (errors is false), the code that increments the indexSuccess
impstats counter was never reached. As fix, we obtain the numitems
first and add them to the indexSuccess impstats counter if
errors is false.
This fix may solve some of the random elasticsearch testbench failures.
closes: https://github.com/rsyslog/rsyslog/issues/4794
Under io / cpu stress, the OpenSSL tls error can be SSL_ERROR_SYSCALL
instead of SSL_ERROR_SSL. The outcome it the same from the
test perspective.
closes: https://github.com/rsyslog/rsyslog/issues/4784
Happy new years! Add another action parameter `conninfo` that allows specifying
a postgres connection string. This enables us to use any of the postgres connection
parameters, particularly `sslmode` and `sslrootcert`.
Per the postgres docs, this connection string can be a URI or several key-value
pairs. https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
Here's an example:
```
module(load="ompgsql")
action(
type="ompgsql"
conninfo="postgresql://postgres:password@localhost/Syslog?sslmode=require"
)
```
This addresses https://github.com/rsyslog/rsyslog/issues/4741 by allowing the
user to specify ssl options as part of the connection string. `libpq` will take
care of the rest.
This also addresses https://github.com/rsyslog/rsyslog/issues/4698 because
`libpq` is not constrained by MAXHOSTNAMELEN. Long hostnames will work.
`conninfo` can be specified in lieu of the other parameters. `ompgsql` will
prioritize using `conninfo` to connect over the other parameters.
Signed-off-by: Ameer Ghani <inahga@gmail.com>
A JSON object was created (valueObj) but not used and also not
released causing a memory leak. This was properly caused by the
initial copy&paste from serializeBatchKafkaRest.
- Also added a valgrind test for lokirest batchmode
Uncomment "--keep-debuginfo" in testcaseif stack traces
are incomplete
closes: https://github.com/rsyslog/rsyslog/issues/4766
This option is not known by older valgrind versions. As such, it causes
false positives on older platforms. As the option is not necessary
(only helpful for some border cases), we remove it and add a comment
so that it may be enabled when necessary.
We so far tried to ensure a value is really an IPv6 address, in order
to avoid to mangle with just similar-looking information elements.
However, this lead to misdetection for unusual formats, e.g. when a
port is appended to a numerical IPv6 adress given without braces [].
This has been changed now. In a sense, we now prefer to err on the
side of privacy.
BEHAVIOR CHANGE:
Previously, a suspect value was not anonymized, and thus some other
elements (like some MAC addresses) preserved. Now the opposite is
true, and we anonymize anything that looks close enough to be an
IPv6 address. This improves anonymization.
closes https://github.com/rsyslog/rsyslog/issues/4725
The call rscript statement is able to call a rule set either synchronously or
asynchronously. We did this, because practice showed that both modes
are needed. For various reasons we decided to make async
calls if the ruleset has a queue assigned and sync if not.
To know if a "queue is assigned" we just checked if queue parameters were
given. It was overlookeded the case of someone explicitly specifying a
"direct queue", aka "no queue". As such, queue="direct" triggered async
calls. That in turn meant that when a write operation to a variable was
made inside that rule set, other rulesets could or could not see the
write. While if was often not seen, this was a data race where the
change could also be seen by the outside.
This is now fixed. No matter if queue.type="direct" is specified or
left out, the call will always by synchronous. Any values written to
variables will also be seen by the "outside world" in later processing
stages.
Note that this has some potential to BREAK EXISTING CONFIGURATIONS.
We deem this acceptable because:
1. this was racy at all, so unexpected behaviour could alwas occur
2. it is actually unlikely that someone used the triggering conditions
in practice. But we can not outrule this, especially when the
configuration was auto-generated.
Potential compatibility issues can be solved by defining a small
array-memory queue on the ruleset in question instead of specifying
direct type.
Again, we expect that almost all users will never experience any
problems. If you do, however, please let us know: we may add an
option to re-enable the bug.
It looks like the current version of clickhouse does not error out
on some types of errors. So tests need either to be redesigned
or removed.
As such, we temporarily skip them for now.
- Only apply default anon ciphers if gnutlsPriorityString is NULL and
Authentication Mode is set to anon. Otherwise we do not set them
as they overwrite custom Ciphers.
- Added two tests for custom cipher configuration (anon/certvalid mode).
- Add call for applyGnutlsPriorityString if gnutlsPriorityString changes.
- Merged openssl init code from Connect into osslInitSession
closes: https://github.com/rsyslog/rsyslog/issues/4686
The testbench framework does not properly wait until ES has created
its pid file, which probably means it did basic initializiation.
This can cause test synchronization issues and ultimately failures.
ElasticSearch 7 is now the major version. Replacing old-style
ES with it by default.
also add basic test for ElasticSearch 7.14, to make sure we will
test ES 7 once we move up to next higher version.
Note: ES 5 is no longer beeing tested as it looks outphased.
see also: https://github.com/rsyslog/rsyslog/pull/4566
- Basic Authentication support & tests
* configured via imhttp option "basicAuthFile". This option should be configured
to point to your htpasswd file generated via a standard htpasswd tool.
tests:
* imhttp-post-payload-basic-auth.sh
* imhttp-post-payload-basic-auth-vg.sh
- Query parameter ingestion capability & tests
use t `addmetadata` option to inject query parameters into
metadata for imhttp input.
Signed-off-by: Nelson Yen <nyen@salesforce.com>
Rate limiting may not have worked if the considered message had already
been parsed (not having NEEDS_PARSING in msgFlags).
This affects also imuxsock in its default configuration
(useSpecialParser="true" and ratelimit.severity="1")
A test for imuxsock is included which requires
./configure --enable-liblogging-stdlog
