Incomplete Logs

This board serves as an open discussion and support collaboration point for Nagios Log Server. NOTE: Nagios Log Server customers should use the Customer Support forum to obtain expedited support.

Incomplete Logs

Postby ysingh » Wed Mar 13, 2019 12:16 pm

I am not able to see complete logs of one API call on NLS. For API call some are logs are visible on NLS from some are not from same instance.

Regards,
Yaduraj Singh
ysingh
 
Posts: 5
Joined: Wed Mar 13, 2019 12:02 pm

Re: Incomplete Logs

Postby scottwilkerson » Wed Mar 13, 2019 1:17 pm

Can you give an example of what you are doing and the results you are getting?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
scottwilkerson
DevOps Engineer
 
Posts: 17597
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises

Re: Incomplete Logs

Postby ysingh » Sun Mar 17, 2019 7:28 am

Let's assume, in a API call, 10 steps are executing. Sometimes I only get last 5 steps in NLS. First 5 are missing.

Regards,
ysingh
 
Posts: 5
Joined: Wed Mar 13, 2019 12:02 pm

Re: Incomplete Logs

Postby cdienger » Mon Mar 18, 2019 4:47 pm

What API calls are you making? Can you provide some screenshots so we can understand the problem better?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 3913
Joined: Tue Feb 07, 2017 11:26 am

Re: Incomplete Logs

Postby ysingh » Mon Mar 25, 2019 8:34 am

On server we are getting below logs.

info: finicityRequestId: FIN292309034
info: processMessageAndReply started for request id FIN292309034: {"requestType":"XXXXXXX","partnerId":"XXXXXXX","customerId":"XXXXXXX","institutionId":"XXXXXXX","keys":{"PIN":"*****","ID":"*****"}}
FIN292309034 browserConfig { args:
2019-03-25T13:00:26.406Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Request timeout type: normal, value: 600000.
2019-03-25T13:00:28.816Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Executed on IP address = XXXXXXX:XXXX
2019-03-25T13:00:28.816Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Started script Login
2019-03-25T13:00:35.322Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Accounts Page Reached
2019-03-25T13:00:35.322Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Completed script login, success: true, duration: 6506
2019-03-25T13:00:35.323Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - started discovery
2019-03-25T13:00:37.425Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - clearSessionTimeout: timer cleared.
2019-03-25T13:00:37.426Z - warn: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Called clear session timeout for nonexisting timeout
info: processMessageAndReply completed for Request id FIN292309034 Institution Id: XXXXXXX, Partner Id: XXXXXXX. Duration=11373 Request: {"requestType":"DISCOVERY","partnerId":"XXXXXXX","customerId":"XXXXXXX","institutionId":"XXXXXXX","keys":{"PIN":"*****","ID":"*****"}}

But in NLS we are getting less logs. Please find the attachment.
Attachments
image (1).png
ysingh
 
Posts: 5
Joined: Wed Mar 13, 2019 12:02 pm

Re: Incomplete Logs

Postby cdienger » Mon Mar 25, 2019 11:30 am

Looks like a problem with parsing. Can you PM me a copy of the log as well as a copy of the logstash config? The logstash config can be gathered by going to Configure > Global (All Instances) > Global Config > View > All Files Combined.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 3913
Joined: Tue Feb 07, 2017 11:26 am

Re: Incomplete Logs

Postby mcapra » Wed Mar 27, 2019 9:01 am

Which input are these going to? How did you configure the logging agent on the remote machine?

If it's going to a Logstash syslog input, these logs:
Code: Select all
info: finicityRequestId: FIN292309034
info: processMessageAndReply started for request id FIN292309034: {"requestType":"XXXXXXX","partnerId":"XXXXXXX","customerId":"XXXXXXX","institutionId":"XXXXXXX","keys":{"PIN":"*****","ID":"*****"}}
FIN292309034 browserConfig { args:
2019-03-25T13:00:26.406Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Request timeout type: normal, value: 600000.
2019-03-25T13:00:28.816Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Executed on IP address = XXXXXXX:XXXX
2019-03-25T13:00:28.816Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Started script Login
2019-03-25T13:00:35.322Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Accounts Page Reached
2019-03-25T13:00:35.322Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Completed script login, success: true, duration: 6506
2019-03-25T13:00:35.323Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - started discovery
2019-03-25T13:00:37.425Z - info: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - clearSessionTimeout: timer cleared.
2019-03-25T13:00:37.426Z - warn: FinicityRequestId: FIN292309034 Institution: XXXXXXX, Customer: XXXXXXX, RequestType: discovery, - Called clear session timeout for nonexisting timeout
info: processMessageAndReply completed for Request id FIN292309034 Institution Id: XXXXXXX, Partner Id: XXXXXXX. Duration=11373 Request: {"requestType":"DISCOVERY","partnerId":"XXXXXXX","customerId":"XXXXXXX","institutionId":"XXXXXXX","keys":{"PIN":"*****","ID":"*****"}}


Are not RFC-3164/RFC-5424 compliant and will cause issues in the parsing stages. The standard expects every line to have, among other things, a timestamp.

I would suggest shipping these logs to some other sort of input rule. Perhaps the "Import Files - Raw" one that ships with Nagios Log Server by default. The change could be as simple as altering the port your logging agent on the remote machine (rsyslog, syslog-ng, nxlog, fluentd, etc) is using.
Former Nagios employee
http://www.mcapra.com/
User avatar
mcapra
 
Posts: 3600
Joined: Thu May 05, 2016 3:54 pm

Re: Incomplete Logs

Postby cdienger » Wed Mar 27, 2019 12:15 pm

Thanks for the input, @mcapra!
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 3913
Joined: Tue Feb 07, 2017 11:26 am

Re: Incomplete Logs

Postby ysingh » Mon Apr 08, 2019 6:21 pm

@mcapra @cdienger As I mentioned in the starting, sometimes I get the full logs but some times not.
ysingh
 
Posts: 5
Joined: Wed Mar 13, 2019 12:02 pm

Re: Incomplete Logs

Postby cdienger » Tue Apr 09, 2019 1:53 pm

@@ysingh, as mentioned in our previous responses, there appears to be an issue with the logs not having the proper formatting. Try configuring the logging agent to send logs to port 2056 instead of 5544.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 3913
Joined: Tue Feb 07, 2017 11:26 am

Next

Return to Nagios Log Server

Who is online

Users browsing this forum: No registered users and 2 guests