Git Product home page Git Product logo

logproxy's Introduction

Logproxy

A microservice which acts as a logdrain and forwards messages to HSP Foundation logging. Supports the new v2 single tenant solution.

Features

  • Cloud foundry logdrain endpoint
  • IronIO project logging endpoint
  • Batch uploads messages (max 25) for good performance
  • Very lean, runs in just 32MB RAM
  • Plugin support
  • Filter only mode
  • OpenTracing support
  • IAM Service Identity support

Distribution

Logproxy is distributed as a Docker image:

docker pull philipssoftware/logproxy

Dependencies

By default Logproxy uses RabbitMQ for log buffering. This is useful for handlingspikes in log volume. You can also choose to use an internal Go channel based queue.

Environment variables

Variable Description Required Default
TOKEN Token to use as part of logdrain URL Yes
HSDP_LOGINGESTOR_PRODUCT_KEY Product key for v2 logging Yes (hsdp delivery)
LOGPROXY_SYSLOG Enable or disable Syslog drain No true
LOGPROXY_IRONIO Enable or disable IronIO drain No false
LOGPROXY_QUEUE Use specific queue (rabbitmq, channel) No rabbitmq
LOGPROXY_PLUGINDIR Search for plugins in this directory No
LOGPROXY_DELIVERY Select delivery type (hsdp, none, buffer) No hsdp
LOGPROXY_TRANSPORT_URL The Jaeager transport endpoint No

IAM Service Identity based authentication (recommended)

Variable Description Required Default
LOGPROXY_SERVICE_ID IAM Service ID Yes (hsdp delivery)
LOGPROXY_SERVICE_PRIVATE_KEY IAM Service Private Key Yes (hsdp delivery)
LOGPROXY_REGION IAM Region Yes (hsdp delivery) us-east
LOGPROXY_ENV IAM Environment Yes (hsdp delivery) cllient-test

API Signing based authentication

Variable Description Required Default
HSDP_LOGINGESTOR_KEY HSDP logging service Key Yes (hsdp delivery)
HSDP_LOGINGESTOR_SECRET HSDP logging service Secret Yes (hsdp delivery)
HSDP_LOGINGESTOR_URL HSPD logging service endpoint Yes (hsdp delivery)

Building

Requirements

Compiling

Clone the repo somewhere (preferably outside your GOPATH):

$ git clone https://github.com/philips-software/logproxy.git
$ cd logproxy
$ docker build .

Installation

See the below manifest.yml file as an example.

applications:
- name: logproxy
  domain: your-domain.com
  docker:
    image: philipssoftware/logproxy:latest
  instances: 2
  memory: 64M
  disk_quota: 512M
  routes:
  - route: logproxy.your-domain.com
  env:
    HSDP_LOGINGESTOR_KEY: SomeKey
    HSDP_LOGINGESTOR_SECRET: SomeSecret
    HSDP_LOGINGESTOR_URL: https://logingestor-int2.us-east.philips-healthsuite.com
    HSDP_LOGINGESTOR_PRODUCT_KEY: product-uuid-here
    TOKEN: RandomTokenHere
  services:
  - rabbitmq
  stack: cflinuxfs3

Push your application:

cf push

If everything went OK logproxy should now be reachable on https://logproxy.your-domain.com . The logdrain endpoint would then be:

https://logproxy.your-domain.com/syslog/drain/RandomTokenHere

Configure logdrains

Syslog

In each space where you have apps running for which you'd like to drain logs define a user defined service called logproxy:

cf cups logproxy -l https://logproxy.your-domain.com/syslog/drain/RandomTokenHere

Then, bind this service to any app which should deliver their logs:

cf bind-service some-app logproxy

and restart the app to activate the logdrain:

cf restart some-app

Logs should now start flowing from your app all the way to HSDP logging infra through logproxy. You can use Kibana for log searching.

Structured logs

Below is an example of an HSDP LogEvent resource type for reference

{
  "resourceType": "LogEvent",
  "id": "7f4c85a8-e472-479f-b772-2916353d02a4",
  "applicationName": "OPS",
  "eventId": "110114",
  "category": "TRACELOG",
  "component": "TEST",
  "transactionId": "2abd7355-cbdd-43e1-b32a-43ec19cd98f0",
  "serviceName": "OPS",
  "applicationInstance": "INST‐00002",
  "applicationVersion": "1.0.0",
  "originatingUser": "SomeUsr",
  "serverName": "ops-dev.apps.internal",
  "logTime": "2017-01-31T08:00:00Z",
  "severity": "INFO",
  "logData": {
    "message": "Test message"
  },
  "custom": {
  		"key1": "val1",
  		"key2": { "innerkey": "innervalue" }
   }
}

IronIO

The IronIO logdrain is available on this endpoint: /ironio/drain/:token

You can configure via the iron.io settings screen of your project:

settings screen

Field Mapping

Logproxy maps the IronIO field to Syslog fields as follows

IronIO field Syslog field LogEvent field
task_id ProcID applicationInstance
code_name AppName applicationName
project_id Hostname serverName
message Message logData.message

Filter only mode

You may choose to operate Logproxy in Filter only mode. It will listen for messages on the logdrain endpoints, run these through any active filter plugins and then discard instead of delivering them to HSDP logging. This is useful if you are using plugins for real-time processing only. To enable filter only mode set LOGPROXY_DELIVERY to none

...
env:
  LOGPROXY_DELIVERY: none
...

See the Logproxy plugins project for more details on plugins.

TODO

  • Better handling of HTTP 635 errors

logproxy's People

Contributors

bartgolsteijn avatar dependabot-preview[bot] avatar dependabot[bot] avatar ivd-git avatar krmeda avatar loafoe avatar philips-rpulijala avatar soubhagya-pradhan avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

krmeda ivd-git bartgolsteijn soubhagya-pradhan giselerosa

logproxy's Issues

Improve Integration Tests

  • Add Integration Tests (Support a HTTP Mock scenario by default with option to send to a real endpoint)
  • Link to pipeline
  • Performance Tests

Improve documentation

Ideally want to have a small design document explaining the components and why this exists and if there were any design choices to be made that influenced it.

  • Design Document
  • Pull Request Template
  • Way or Working document (improve the existing documentation)
  • Static Code Analysis
  • Build pipeline incorporating Integration Tests, etc. prior to merge into mainline.
  • Badges

Update docker base image to latest version

For our product (PICS / Cardiology Reporting) we are updating all base images to have the latest/best image with the latest security fixes.
Can we update the docker base image
FROM golang:1.20.1-alpine to golang:1.21.6-alpine or golang:1.21.6-alpine3.19?

logproxy as FAAS

I am moving my issue to official github

Can we get a FAAS which will be easier to use instead of doing all the below setup for iron.io?

  1. Configure logproxy
  2. Get the code docker pull philipssoftware/logproxy
  3. Create a new micro service using the keys and binding to log proxy service
  4. Do we need a rabitmq service also?
  5. Cf push the micro service which will enable iron.io logs to push to Kibana
  6. Need help how iron.io config will use the proxy service?

Dependabot can't resolve your Go dependency files

Dependabot can't resolve your Go dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

github.com/philips-software/logproxy/handlers: cannot find module providing package github.com/philips-software/logproxy/handlers
	github.com/philips-software/logproxy/queue: cannot find module providing package github.com/philips-software/logproxy/queue
	github.com/philips-software/logproxy/shared: cannot find module providing package github.com/philips-software/logproxy/shared

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Dependabot can't resolve your Go dependency files

Dependabot can't resolve your Go dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

github.com/philips-software/logproxy/handlers: cannot find module providing package github.com/philips-software/logproxy/handlers
github.com/philips-software/logproxy imports
	github.com/philips-software/logproxy/queue: cannot find module providing package github.com/philips-software/logproxy/queue
github.com/philips-software/logproxy imports
	github.com/philips-software/logproxy/shared: cannot find module providing package github.com/philips-software/logproxy/shared

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Spring Actuator like "Admin Processes" features

Authenticated endpoints for

  • Health Monitoring: System Health HTTP Endpoint (includes health of RMQ or dependency services)
  • Metrics: Prometheus style (probably have to look at a Datadog Agent/New Relic agent support later)

Dependabot can't parse your go.mod

Dependabot couldn't parse the go.mod found at /go.mod.

The error Dependabot encountered was:

go: github.com/spf13/[email protected] requires
	github.com/grpc-ecosystem/[email protected] requires
	gopkg.in/[email protected]: invalid version: git fetch -f origin refs/heads/*:refs/heads/* refs/tags/*:refs/tags/* in /opt/go/gopath/pkg/mod/cache/vcs/748bced43cf7672b862fbc52430e98581510f4f2c34fb30c0064b7102a68ae2c: exit status 128:
	fatal: The remote end hung up unexpectedly

View the update logs.

introduce on/off flag for "pure passthrough" for base64 encoded logmessages

Starting LogProxy v1.6x the "pure passthrough" functionality was introduced allowing LogEvent.logData.message encoded in base64 to be passed unaltered to Kibana. In versions prior to v1.6x LogProxy would encode clear text into base64 automatically.

Recently Kibana experiencing long downtimes which drives us to inspect log messages from services using CF and makes it a huge hassle to decode each message manually.

It would be nice to have an on/off switch for "pure passthrough" functionality on TF level or even better to have LogProxy automatically recognize the clear text vs base64encoded and handle it accordingly.

Will appreciate any help on the matter! @loafoe

Support for service identities

  • Add support for service identities with LOG.CREATE scope
  • Eliminates the need for outdated shared key / secrets API signing

Duplicate logs are created when logproxy runs into an error

In our Healthdot Kibana logging, we see certain logs being duplicated and others missing.

E.g. The following snippet of logging:
image

Resulted in the following duplication in Kibana:
image

It seems that when the duplication occurs, logproxy itself logs a sequence of messages such as:
image

The error that occurred doesn't seem to be logged, so it is currently unclear what the root cause is.

LogProxy parsing logs not in LogEvent format

Hi,
Log proxy is not able to parse logs which are not in LogEvent format and the logs are mapped to random guid values.
However it works fine with log drainer.
Application side logs:
2022-11-11T21:41:20.83+0530 [APP/PROC/WEB/0] OUT Request GET /sample/logtest1 => 200
2022-11-11T21:41:20.83+0530 [APP/PROC/WEB/0] OUT {"resourceType":"LogEvent","id":"a996e783-891b-4c88-bcf0-cf9b131751eb","logTime":"2022-11-11T16:11:20.836Z","category":"TraceLog","eventId":"0","component":"Logging.RequestLoggingMiddleware","transactionId":"","originatingUser":"User","logData":{"message":"Request GET /sample/logtest1 => 200, ThreadName: Thread 40, ThreadId: 40"},"severity":"Information","applicationName":"samplelogapp","applicationVersion":"54c35af5-0894-4e94-bca8-3f86e190832b","serviceName":"client-edi-foundation.hds-foundation-dev.samplelogapp","serverName":"DefaultServer","applicationInstance":"3910d915-98e1-4071-911e-76908ab753f6"}

image

Sample Log:

image

Logs on kibana:

image

Errors from HSDP when providing LogEvent resources with invalid characters

When providing DhpLogEvents, any characters that would be deemed invalid by HSDP Logging are replaced. However, when providing a LogEvent resource this is not the case.

E.g. The following LogEvent is passed to HSDP logging with invalid characters in the custom field, resulting in an error:
image

Note that logproxy can also generate LogEvents with invalid values. The LogEvent processing adds some fields with empty string values if they are not provided in the incoming resource (we noticed this for the originatingUser, serviceName, category and component fields). As empty string values are not allowed, this results in errors from HSDP. Perhaps any added fields should get a default value if no value is provided in the incoming resource (for now we've added some defaults to our own code to avoid this).

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.