diff --git a/services/graylog/README.md b/services/graylog/README.md index 3c45ca54..e9651f9f 100644 --- a/services/graylog/README.md +++ b/services/graylog/README.md @@ -15,7 +15,8 @@ make down 1. Create a GELF UDP INPUT 2. Show incoming messages 3. All the docker container messages shall be visible -4. Send a message following through the console: +4. Use *content packs* to preconfigure dashboards, alerts, pipelines, ... +5. Send a message following through the console: ```console echo -n '{ "version": "1.1", "host": "example.org", "short_message": "A short message", "level": 5, "_some_info": "foo" }' | nc -w0 -u localhost 12201 diff --git a/services/graylog/data/contentpacks/osparc-custom-content-pack-v2.json b/services/graylog/data/contentpacks/osparc-custom-content-pack-v2.json index 0c443cab..29736672 100644 --- a/services/graylog/data/contentpacks/osparc-custom-content-pack-v2.json +++ b/services/graylog/data/contentpacks/osparc-custom-content-pack-v2.json @@ -1,7 +1,7 @@ { "v": "1", "id": "dfaeea11-bde6-4203-9cfe-6ca2a23ca22e", - "rev": 40, + "rev": 41, "name": "osparc-custom-content-pack-v2", "summary": "osparc-custom-content-pack-v2", "description": "", diff --git a/services/graylog/scripts/README.md b/services/graylog/scripts/README.md index 5b311bfb..ff5daa01 100644 --- a/services/graylog/scripts/README.md +++ b/services/graylog/scripts/README.md @@ -1,6 +1,7 @@ # Purpose This python scripts check if Graylog is running, and add the necessary inputs if the Graylos instance is a new one.. +**Nota bene**: Use content packs to preconfigure dashboards, ... # Installation diff --git a/services/graylog/scripts/configure.py b/services/graylog/scripts/configure.py index b053823d..0b18da00 100644 --- a/services/graylog/scripts/configure.py +++ b/services/graylog/scripts/configure.py @@ -1,9 +1,6 @@ -import copy import json import logging import os -import random -import uuid import warnings from time import sleep @@ -351,138 +348,6 @@ def configure_alerts(): exit(1) -def configure_dashboards(): - print("Configuring Graylog Dashboards...") - with open("dashboards.yaml") as f: - data = yaml.load(f, Loader=SafeLoader) - url = ( - "https://monitoring." - + env.str("MACHINE_FQDN") - + "/graylog/api/dashboards?query=&page=1&per_page=10&sort=title&order=asc" - ) - r = session.get(url, headers=hed) - if r.status_code == 200: - totalDashboards = r.json()["total"] - totalDashboards = int(totalDashboards) - alreadyPresentDashboards = r.json() - url = "https://monitoring." + env.str("MACHINE_FQDN") + "/graylog/api/views" - for presentDashboard in alreadyPresentDashboards["elements"]: - resp = session.delete( - url + "/" + str(presentDashboard["id"]), headers=hed, verify=False - ) - if resp.ok: - print( - "Dashboard successfully deleted: " - + str(presentDashboard["title"]) - ) - else: - print( - "Could not delete a Dashboard. Failure: " - + str(resp.status_code) - + "!" - ) - print(resp.json()) - exit(1) - else: - print( - "Could not fetch dashboards. Is graylog misconfigured? Exiting with error!" - ) - exit(1) - - for i in data: - url = ( - "https://monitoring." - + env.str("MACHINE_FQDN") - + "/graylog/api/views/search" - ) - randSearchid = "".join(random.choice("0123456789abcdef") for n in range(24)) - randUuid = str(uuid.uuid4()) - print(randSearchid, randUuid) - content = { - "id": randSearchid, - "queries": [ - { - "id": randUuid, - "query": {"type": "elasticsearch", "query_string": ""}, - "timerange": {"type": "relative", "from": 300}, - "search_types": [], - } - ], - "parameters": [], - } - resp = session.post(url, headers=hed, json=content) - if resp.status_code == 201: - print("Search successfully added. ") - else: - print("Could not add search. Failure:", resp.status_code) - print(resp.json()) - exit(1) - url = ( - "https://monitoring." - + env.str("MACHINE_FQDN") - + "/graylog/api/views/search/" - + str(randSearchid) - + "/execute" - ) - resp = session.post(url, headers=hed) - if resp.status_code == 201: - print("Search successfully executed. ") - else: - print("Could not execute search. Failure:", resp.status_code) - print(resp.json()) - exit(1) - #### - url = ( - "https://monitoring." - + env.str("MACHINE_FQDN") - + "/graylog/api/views/search/metadata" - ) - content = { - "id": randSearchid, - "queries": [ - { - "id": curQuery["id"], - "query": curQuery["query"], - "timerange": curQuery["timerange"], - "filter": None, - "search_types": [], - } - for curQuery in i["state"][list(i["state"].keys())[0]]["widgets"] - ], - "parameters": [], - } - resp = session.post(url, headers=hed, json=content) - if resp.status_code == 200: - print("Search metadata executed. ") - else: - print("Could not add metadata for search. Failure:", resp.status_code) - print(resp.json()) - exit(1) - #### - url = "https://monitoring." + env.str("MACHINE_FQDN") + "/graylog/api/views" - i["search_id"] = str(randSearchid) - uuidInFile = list(i["state"].keys())[0] - i["state"][randUuid] = copy.deepcopy(i["state"][uuidInFile]) - del i["state"][uuidInFile] - del i["state"][randUuid]["widget_mapping"] - i["state"][randUuid]["widget_mapping"] = {} - resp = session.post(url, headers=hed, json=i) - if resp.status_code == 200: - print("Dashboard successfully added: " + str(i["title"])) - else: - print("Could not add dashboard. Failure:", resp.status_code) - print(resp.json()) - exit(1) - print("###################################") - print("WARNING: CURRENTLY THERE IS A MINOR BUG W.R.T. DASHBOARDS, PLEASE READ:") - print( - "Graylog dashboards will be empty, you need to open the dashboard, go to a widget, and modify the graylog search query" - ) - print("[Such as: Remove & Re-Add a single letter]") - print("Then, the dashboard will work. Make sure to save it.") - print("###################################") - - def configure_content_packs(session, headers, base_url): def get_installation(content_pack): logger.debug(f"Getting installations for content pack {content_pack['id']}") @@ -617,9 +482,6 @@ def install_content_pack_revision(content_pack): # Configure Alerts configure_alerts() - # Configure Dashboards - configure_dashboards() - # content pack will create GELF UDP Input # NOTE: When you introduce changes, revision number increase is mandatory # we cannot use auto loader since it doesn't properly update content packs. diff --git a/services/graylog/scripts/dashboards.yaml b/services/graylog/scripts/dashboards.yaml deleted file mode 100644 index bebea972..00000000 --- a/services/graylog/scripts/dashboards.yaml +++ /dev/null @@ -1,273 +0,0 @@ -- id: 63933d4d00139a32e0d5b451 - type: DASHBOARD - title: oSparc Graylog Overview - summary: oSparc Graylog Overview - description: oSparc Graylog Overview - properties: [] - state: - a1647eb6-a064-4fe6-b459-1e4267d3f659: - selected_fields: - formatting: - highlighting: [] - titles: - tab: - title: oSparc Graylog Overview - widget: - 6c127c5d-be75-4157-b43f-ac0194ac0586: Selected sources - 92d63811-e4dd-47db-bd3b-db03c8a9bd53: Messages per Source - 00637e63-d728-4b3e-932b-7c8696b4855d: Messages over time - e64ef077-53e7-4413-902d-2cc11c0e4221: Containers with the most "ERROR" messages - in the last 24h - 28b07da9-28ef-4b0b-a505-02bdd7585da4: '"ERROR" messages in the last 24h' - 02e34a4f-e248-4026-8e4d-109b88ca2617: Containers with the most "WARNING" messages - in the last 24h - 83015f4a-a59c-48d8-ab04-974cd24de474: '"WARNING" messages in the last 24h' - widgets: - - id: 92d63811-e4dd-47db-bd3b-db03c8a9bd53 - type: aggregation - config: - column_pivots: [] - rollup: true - row_pivots: - - field: source - type: values - config: - limit: 10 - series: - - config: - name: Message count - function: count() - sort: - - type: series - field: count() - direction: Descending - visualization: pie - visualization_config: - event_annotation: false - timerange: - type: relative - range: 300 - query: - streams: [] - - id: 6c127c5d-be75-4157-b43f-ac0194ac0586 - type: aggregation - config: - column_pivots: [] - rollup: true - row_pivots: - - field: source - type: values - config: - limit: 15 - series: - - config: - name: Message count - function: count() - sort: - - type: series - field: count() - direction: Descending - visualization: table - visualization_config: - event_annotation: false - timerange: - type: relative - range: 300 - query: - streams: [] - - id: 00637e63-d728-4b3e-932b-7c8696b4855d - type: aggregation - config: - column_pivots: [] - rollup: true - row_pivots: - - field: timestamp - type: time - config: - interval: - type: auto - scaling: 1 - series: - - config: - name: Message count - function: count() - sort: [] - visualization: line - visualization_config: - event_annotation: false - timerange: - type: relative - range: 300 - query: - streams: [] - - id: e64ef077-53e7-4413-902d-2cc11c0e4221 - type: aggregation - config: - column_pivots: - - field: timestamp - type: time - config: - interval: - type: timeunit - value: 2 - unit: hours - rollup: true - row_pivots: - - field: container_name - type: values - config: - limit: 10 - series: - - config: - name: '' - function: count(container_name) - - config: - name: '' - function: count(container_id) - sort: - - type: series - field: count(container_name) - direction: Descending - visualization: heatmap - visualization_config: - color_scale: Picnic - reverse_scale: false - auto_scale: true - z_min: - z_max: - use_smallest_as_default: false - default_value: - event_annotation: false - timerange: - type: relative - from: 86400 - query: - type: elasticsearch - query_string: "message:\"[0;31mERROR\" OR (message:\"ERROR\" AND NOT - container_name:Syslog*)" - streams: [] - - id: 28b07da9-28ef-4b0b-a505-02bdd7585da4 - type: messages - config: - decorators: [] - fields: - - timestamp - - source - - container_name - show_message_row: true - show_summary: true - sort: - - type: pivot - field: timestamp - direction: Descending - timerange: - type: relative - from: 86400 - query: - type: elasticsearch - query_string: "message:\"[0;31mERROR\" OR (message:\"ERROR\" AND NOT - container_name:Syslog*)" - streams: [] - - id: 02e34a4f-e248-4026-8e4d-109b88ca2617 - type: aggregation - config: - column_pivots: - - field: timestamp - type: time - config: - interval: - type: timeunit - value: 2 - unit: hours - rollup: true - row_pivots: - - field: container_name - type: values - config: - limit: 10 - series: - - config: - name: '' - function: count(container_name) - - config: - name: '' - function: count(container_id) - sort: - - type: series - field: count(container_name) - direction: Descending - visualization: heatmap - visualization_config: - color_scale: Greys - reverse_scale: true - auto_scale: true - use_smallest_as_default: false - default_value: - event_annotation: false - timerange: - type: relative - from: 86400 - query: - type: elasticsearch - query_string: message:"WARNING" AND NOT container_name:Syslog* AND NOT container_name:/.*traefik.*/ - streams: [] - - id: 83015f4a-a59c-48d8-ab04-974cd24de474 - type: messages - config: - decorators: [] - fields: - - timestamp - - source - - container_name - show_message_row: true - show_summary: true - sort: - - type: pivot - field: timestamp - direction: Descending - timerange: - type: relative - from: 86400 - query: - type: elasticsearch - query_string: message:"WARNING" AND NOT container_name:Syslog* AND NOT container_name:/.*traefik.*/ - streams: [] - widget_mapping: {} - positions: - 92d63811-e4dd-47db-bd3b-db03c8a9bd53: - col: 9 - row: 17 - height: 4 - width: 4 - 6c127c5d-be75-4157-b43f-ac0194ac0586: - col: 1 - row: 17 - height: 4 - width: 2 - 00637e63-d728-4b3e-932b-7c8696b4855d: - col: 3 - row: 17 - height: 4 - width: 6 - e64ef077-53e7-4413-902d-2cc11c0e4221: - col: 1 - row: 2 - height: 8 - width: 8 - 28b07da9-28ef-4b0b-a505-02bdd7585da4: - col: 9 - row: 2 - height: 8 - width: 4 - 02e34a4f-e248-4026-8e4d-109b88ca2617: - col: 1 - row: 10 - height: 7 - width: 8 - 83015f4a-a59c-48d8-ab04-974cd24de474: - col: 9 - row: 10 - height: 7 - width: 4 - created_at: '2019-11-22T10:54:50.950Z' - owner: admin