GELF message with missing fields is dropped #3970
Closed
Comments
joschi
pushed a commit
that referenced
this issue
Jul 3, 2017
Instead of waiting for a later stage and "silently" dropping (logged on DEBUG) invalid messages, `GelfCodec` now actively checks for the existence and validity of mandatory GELF message fields (such as "version", "host", "short_message", and "timestamp", according to the GELF spec). Refs http://docs.graylog.org/en/2.2/pages/gelf.html Fixes #3970
bernd
added a commit
that referenced
this issue
Jul 5, 2017
* Fail fast and loud for invalid GELF messages Instead of waiting for a later stage and "silently" dropping (logged on DEBUG) invalid messages, `GelfCodec` now actively checks for the existence and validity of mandatory GELF message fields (such as "version", "host", "short_message", and "timestamp", according to the GELF spec). Refs http://docs.graylog.org/en/2.2/pages/gelf.html Fixes #3970 * Don't check "version" field for backward-compatibility There are still many GELF client libraries out there using either "1.0" or no value at all for the GELF "version" field. * Make GELF validation more lenient * Add test for minimal GELF messages * Fix logic for validating "host" message field
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected Behavior
If a message send via GELF (TCP) is missing some specifications or a field that should not only be visible when switching the log to debug.
https://github.com/Graylog2/graylog2-server/blob/2.2.3/graylog2-server/src/main/java/org/graylog2/shared/buffers/processors/DecodingProcessor.java#L179-L186
Current Behavior
GELF Message missing a field -
short_message
for example the message silently disappear.Possible Solution
Change the logging level in case the decoding does not work.
Steps to Reproduce (for bugs)
short_message
is discardedYour Environment
The text was updated successfully, but these errors were encountered: