How to view stacktrace in Graylog

Graylog Central (peer support)
1

  1. No stack trace from GELF UDP transport. We are using a Winston logger.

  2. ubuntu-20.04-server-20220607 - Kubernetes cluster v1

  • Package Version: graylog:5.0
    env:
    - name: OPENSEARCH_JAVA_OPTS
    value: -Xms1g -Xmx1g
    - name: bootstrap.memory_lock
    value: “true”
    - name: discovery.type
    value: single-node
    - name: action.auto_create_index
    value: “false”
    - name: plugins.security.ssl.http.enabled
    value: “false”
    - name: plugins.security.disabled
    value: “true”

  1. Graylog UI - trying to enable the multiline message configuration. We have stacktrace on our nodeJs side, but unable to see or figure out how to have a multi line trace in graylog

  2. Any tips much appreciated :slight_smile:

2

Hey @MacKnight

This document may help.

3

How are you sending in logs to graylog? Its important that it can support multi line. For example, when using filebeat, you can configure multiline support so the trace is sent as a single message.

There isn’t really a way to recombine the messages in graylog if they are sent 1 message per line so this part is very important.

4

We are using Gelf transport from our Nodejs application.

interface LogMessage extends winston.Logform.TransformableInfo {
  timestamp?: string;
  level: string;
  message: string;
  stack?: string;
}

const gelfTransport = new GelfTransport(options);

export const logger = winston.createLogger({
  level: process.env.LOG_LEVEL || 'info',
  format: winston.format.combine(
    winston.format.colorize(),
    winston.format.errors({ stack: true }),
    winston.format.timestamp({ format: 'YYYY-MM-DD HH:mm:ss.SSS' }),
    winston.format.printf((info: LogMessage) => {
      const logText = `[${process.env.NODE_ENV}] ${info.timestamp} [${info.level}]: ${info.message}`;
      return info.stack ? `${logText}\n${info.stack}` : logText;
    }),
  ),
  transports: [
    new winston.transports.Console(),
    gelfTransport
  ],
});

if (process.env.NODE_ENV === PROD_ENV) {
  logger.remove(winston.transports.Console);
}

We have graylog running in a kubernetes cluster. The trace prints fine to the console, but we are unable to get it in graylog.
5

I unfortunately don’t have any direct experience with nodejs, but what i was able to find is that when writing the messages to the logger (or console) to output them as multiline messages. An example here: javascript - Indented, multi-line logging in NodeJS - Stack Overflow .

I understand this isn’t a “plug and play” fix but may be the only way to address.

6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.