Skip to content

Hyposcaler bot/issue 14 #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Hyposcaler bot/issue 14 #15

wants to merge 3 commits into from

Conversation

@hyposcaler-bot
Copy link

@hyposcaler-bot hyposcaler-bot commented Jul 1, 2025
edited
Loading

Updates lab to use stages with wait-for
Corrected router configs to adjust for changes in BGP policy since lab was created
Pinned srlinux nodes to 25.3.2

This should address issue #14

Note: this was only lightly tested, I only confirmed that the lab starts without error

@hyposcaler-bot hyposcaler-bot mentioned this pull request Jul 1, 2025
Open
@hellt
Copy link
Member

hellt commented Jul 1, 2025

@azyablov it seems you were outpaced =) but would be good for you to give it a go

@hellt
Copy link
Member

hellt commented Jul 1, 2025

thanks @hyposcaler-bot

@hellt hellt requested a review from azyablov July 1, 2025 14:16
@azyablov
Copy link
Collaborator

azyablov commented Jul 2, 2025

@hellt in my to do list ) will check today

@azyablov
Copy link
Collaborator

azyablov commented Jul 4, 2025

@hellt process.name and hostname keywords got disappeared with new SRL version, investigating. Looking for ECS 9.0.0 and updated dashboards as well.

@hellt
Copy link
Member

hellt commented Jul 4, 2025

I think the big change that has happened in the SRL land is the RFC5424 SYSLOG support; at the time of this post we did not have it

@azyablov
Copy link
Collaborator

@hyposcaler-bot @hellt please check accumulated changes adjusted-issue-14

  1. Reworked transformation pipeline for Logstash.
  2. Switched to ECS v8 with automatic template provisioning.
  3. Added provisioning client to avoid manual steps: health checks, password updates, dashboards and data view.
  4. Activated TLS and Auth, since plain HTTP to be deprecated.
  5. Rewritten shell scripts in more idiomatic way.
  6. Docs structure now follows ECSv8.
  7. Added syslog-ng for verification, trouble shooting and SIEM cases. Script to provision on SRL NEs.

Potential issues found:
syslog inputs plugin can't coupe with RFC5424 correctly, while SRL send compliant messages

"tags" => [
        [0] "syslog",
        [1] "srlinux",
        [2] "_grokparsefailure_sysloginput"
    ],

Opened issue logstash-input-syslog/issues/79

azyablov
azyablov reviewed Jul 11, 2025
View reviewed changes
Copy link
Collaborator

@azyablov azyablov left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Regrading pull request:

  • NEs configs are ok.
  • clab file logic has been changed in adjusted-issue-14 order to start SRL nodes after provisioner, which allows to capture logs immediately after the start having ELK stack ready for service before.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@azyablov azyablov azyablov left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hyposcaler-bot @hellt @azyablov