Search in sources :

Example 36 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class GelfCodecTest method decodeFailsWithWrongTypeForMessage.

@Test
public void decodeFailsWithWrongTypeForMessage() throws Exception {
    final String json = "{" + "\"version\": \"1.1\"," + "\"host\": \"example.org\"," + "\"message\": 42" + "}";
    final RawMessage rawMessage = new RawMessage(json.getBytes(StandardCharsets.UTF_8));
    assertThatIllegalArgumentException().isThrownBy(() -> codec.decode(rawMessage)).withNoCause().withMessageMatching("GELF message <[0-9a-f-]+> has invalid \"message\": 42");
}
Also used : RawMessage(org.graylog2.plugin.journal.RawMessage) Test(org.junit.Test)

Example 37 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class IndexerSetupService method startUp.

@Override
protected void startUp() throws Exception {
    Tools.silenceUncaughtExceptionsInThisThread();
    LOG.debug("Starting indexer");
    node.start();
    final Client client = node.client();
    try {
        /* try to determine the cluster health. if this times out we could not connect and try to determine if there's
                   anything listening at all. if that happens this usually has these reasons:
                    1. cluster.name is different
                    2. network.publish_host is not reachable
                    3. wrong address configured
                    4. multicast in use but broken in this environment
                   we handle a red cluster state differently because if we can get that result it means the cluster itself
                   is reachable, which is a completely different problem from not being able to join at all.
                 */
        final ClusterHealthRequest atLeastRed = client.admin().cluster().prepareHealth().setWaitForStatus(ClusterHealthStatus.RED).request();
        final ClusterHealthResponse health = client.admin().cluster().health(atLeastRed).actionGet(configuration.getClusterDiscoveryTimeout(), MILLISECONDS);
        // we don't get here if we couldn't join the cluster. just check for red cluster state
        if (ClusterHealthStatus.RED.equals(health.getStatus())) {
            final Notification notification = notificationService.buildNow().addSeverity(Notification.Severity.URGENT).addType(Notification.Type.ES_CLUSTER_RED);
            notificationService.publishIfFirst(notification);
            LOG.warn("The Elasticsearch cluster state is RED which means shards are unassigned.");
            LOG.info("This usually indicates a crashed and corrupt cluster and needs to be investigated. Graylog will write into the local disk journal.");
            LOG.info("See {} for details.", DocsHelper.PAGE_ES_CONFIGURATION);
        }
        if (ClusterHealthStatus.GREEN.equals(health.getStatus())) {
            notificationService.fixed(Notification.Type.ES_CLUSTER_RED);
        }
        notificationService.fixed(Notification.Type.ES_UNAVAILABLE);
    } catch (ElasticsearchTimeoutException e) {
        final String hosts = node.settings().get("discovery.zen.ping.unicast.hosts");
        if (!isNullOrEmpty(hosts)) {
            final Iterable<String> hostList = Splitter.on(',').omitEmptyStrings().trimResults().split(hosts);
            for (String host : hostList) {
                final URI esUri = URI.create("http://" + HostAndPort.fromString(host).getHostText() + ":9200/");
                LOG.info("Checking Elasticsearch HTTP API at {}", esUri);
                // Try the HTTP API endpoint
                final Request request = new Request.Builder().get().url(esUri.resolve("/_nodes").toString()).build();
                try (final Response response = httpClient.newCall(request).execute()) {
                    if (response.isSuccessful()) {
                        final JsonNode resultTree = objectMapper.readTree(response.body().byteStream());
                        final JsonNode nodesList = resultTree.get("nodes");
                        if (!configuration.isDisableVersionCheck()) {
                            final Iterator<String> nodes = nodesList.fieldNames();
                            while (nodes.hasNext()) {
                                final String id = nodes.next();
                                final Version clusterVersion = Version.fromString(nodesList.get(id).get("version").textValue());
                                checkClusterVersion(clusterVersion);
                            }
                        }
                        final String clusterName = resultTree.get("cluster_name").textValue();
                        checkClusterName(clusterName);
                    } else {
                        LOG.error("Could not connect to Elasticsearch at " + esUri + ". Is it running?");
                    }
                } catch (IOException ioException) {
                    LOG.error("Could not connect to Elasticsearch: {}", ioException.getMessage());
                }
            }
        }
        final Notification notification = notificationService.buildNow().addSeverity(Notification.Severity.URGENT).addType(Notification.Type.ES_UNAVAILABLE);
        notificationService.publishIfFirst(notification);
        LOG.warn("Could not connect to Elasticsearch");
        LOG.info("If you're using multicast, check that it is working in your network and that Elasticsearch is accessible. Also check that the cluster name setting is correct.");
        LOG.info("See {} for details.", DocsHelper.PAGE_ES_CONFIGURATION);
    }
}
Also used : ClusterHealthResponse(org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse) ClusterHealthRequest(org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest) ThreadFactoryBuilder(com.google.common.util.concurrent.ThreadFactoryBuilder) Request(okhttp3.Request) ClusterHealthRequest(org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) IOException(java.io.IOException) URI(java.net.URI) Notification(org.graylog2.notifications.Notification) Response(okhttp3.Response) ClusterHealthResponse(org.elasticsearch.action.admin.cluster.health.ClusterHealthResponse) ElasticsearchTimeoutException(org.elasticsearch.ElasticsearchTimeoutException) Version(org.elasticsearch.Version) Iterator(java.util.Iterator) Client(org.elasticsearch.client.Client) OkHttpClient(okhttp3.OkHttpClient)

Example 38 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class SyslogCodecTest method testDecodeStructuredIssue845.

@Test
public void testDecodeStructuredIssue845() throws Exception {
    final Message message = codec.decode(buildRawMessage(STRUCTURED_ISSUE_845));
    assertNotNull(message);
    assertEquals("User page 13 requested", message.getMessage());
    assertEquals(new DateTime("2015-01-06T20:56:33.287Z", DateTimeZone.UTC), ((DateTime) message.getField("timestamp")).withZone(DateTimeZone.UTC));
    assertEquals("app-1", message.getField("source"));
    assertEquals(6, message.getField("level"));
    assertEquals("local7", message.getField("facility"));
    assertEquals("::ffff:132.123.15.30", message.getField("ip"));
    assertEquals("{c.corp.Handler}", message.getField("logger"));
    assertEquals("4ot7", message.getField("session"));
    assertEquals("user@example.com", message.getField("user"));
    assertEquals("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/7.1.2 Safari/537.85.11", message.getField("user-agent"));
    assertEquals("app", message.getField("application_name"));
    assertEquals(23, message.getField("facility_num"));
}
Also used : RawMessage(org.graylog2.plugin.journal.RawMessage) Message(org.graylog2.plugin.Message) ZonedDateTime(java.time.ZonedDateTime) DateTime(org.joda.time.DateTime) Test(org.junit.Test)

Example 39 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class GelfCodecTest method decodeSucceedsWithWrongTypeForTimestamp.

@Test
public void decodeSucceedsWithWrongTypeForTimestamp() throws Exception {
    final String json = "{" + "\"version\": \"1.1\"," + "\"host\": \"example.org\"," + "\"short_message\": \"A short message that helps you identify what is going on\"," + "\"timestamp\": \"Foobar\"" + "}";
    final RawMessage rawMessage = new RawMessage(json.getBytes(StandardCharsets.UTF_8));
    assertThat(rawMessage).isNotNull();
}
Also used : RawMessage(org.graylog2.plugin.journal.RawMessage) Test(org.junit.Test)

Example 40 with Version

use of org.graylog2.plugin.Version in project graylog2-server by Graylog2.

the class GelfCodecTest method decodeSucceedsWithEmptyShortMessageButWithMessage.

@Test
public void decodeSucceedsWithEmptyShortMessageButWithMessage() throws Exception {
    final String json = "{" + "\"version\": \"1.1\"," + "\"host\": \"example.org\"," + "\"short_message\": \"\"," + "\"message\": \"A short message that helps you identify what is going on\"" + "}";
    final RawMessage rawMessage = new RawMessage(json.getBytes(StandardCharsets.UTF_8));
    final Message message = codec.decode(rawMessage);
    assertThat(message).isNotNull();
}
Also used : RawMessage(org.graylog2.plugin.journal.RawMessage) Message(org.graylog2.plugin.Message) RawMessage(org.graylog2.plugin.journal.RawMessage) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)29 RawMessage (org.graylog2.plugin.journal.RawMessage)28 Message (org.graylog2.plugin.Message)15 SearchVersion (org.graylog2.storage.SearchVersion)13 JsonNode (com.fasterxml.jackson.databind.JsonNode)7 IOException (java.io.IOException)5 Inject (javax.inject.Inject)5 DateTime (org.joda.time.DateTime)5 ZonedDateTime (java.time.ZonedDateTime)4 Map (java.util.Map)4 Optional (java.util.Optional)4 Constraint (org.graylog2.contentpacks.model.constraints.Constraint)4 GraylogVersionConstraint (org.graylog2.contentpacks.model.constraints.GraylogVersionConstraint)4 PluginVersionConstraint (org.graylog2.contentpacks.model.constraints.PluginVersionConstraint)4 Logger (org.slf4j.Logger)4 LoggerFactory (org.slf4j.LoggerFactory)4 ArrayNode (com.fasterxml.jackson.databind.node.ArrayNode)3 ApiOperation (io.swagger.annotations.ApiOperation)3 URI (java.net.URI)3 HashSet (java.util.HashSet)3