No Tokens seen anywhere?

I have been waiting to hear some response to another thread on Sidecars. Since installing a fresh 4.x on RHEL 8, and importing my Mongod from my 3.x server, most things are working. But I can’t see an existing token for anyone or anything, anywhere, since the upgrade. I don’t don’t see errors in server.log. I don’t see errors in the audit log. But there are no tokens visible anywhere to view or edit. All of my winlogbeats sidecars are sending logs. But they all appear as inactive with no pings. It may be all related to the token system being totally broken. Or perhaps it’s just the visibility of tokens that is broken? If I create a new user, and a new token for it I can see that and copy to clipboard. But every other thing in the interface seems to have no tokens.

Since I got no answers, I created a new token, and I had to manually edit the yml on every sidecar sender. Things look as normal now, but I’d like to know where the old stuff went. And for that matter I’d like to know if every user is supposed to have a token that I currently can’t see.

Hi there,

The tokens did move, but you should be able to find them here:

Which should allow you to view the old tokens.

1 Like

Ohhhhhh wait. I feel kind of dumb–I get what you’re seeing, and I’m wondering if it’s actually related to the fact that we made a breaking change in 4.0 where users now a UID. Have you done a mongodump from the 3.x instance and a dump from the 4.x instance? I’d wager that you’d find that the tokens (potentially) in Mongo, but they’re not assigned to a UID.

I’d have to test that hunch out, but that’s what immediately coming to mind.

Nope, can’t see any token anywhere from the old 3.2.x system.

So if you do a 3.X mongodump and a 4.X mongodump, did the access tokens even get migrated?

You should be able to dump and then inspect the bson files using

bsondump --pretty < access_tokens.bson

There’s got to be a reason why they’re not showing in the UI.

I did a mongodump on 3.x and restored to 4.x. I have never done a mongodump on 4.x. There is no mention in any guidance from Graylog about what you are suggesting. Frankly, there seems to be very little guidance of any kind for getting from a 3.x instance to a 4.x instance. Though frankly, any disaster recovery would likely go that way. And anyone doing an OS upgrade would very likely need that guidance as well.

This is from the 3.2 backup…

“_id”: {
“$oid”: “blah”
“last_access”: {
“$date”: {
“$numberLong”: “1615327446895”
“token_type”: {
“$numberInt”: “1”
“token”: “blaahblahblah”,
“username”: “graylog-sidecar”,
“NAME”: “sidecar_token”
2021-03-16T22:26:14.915-0400 1 objects found

Then I just did a mongorestore ./graylog_dump/

Just did a bsondump on the tokens in 4.x, and there is no sign the tokens were migrated when I did the mongorestore from 3.x. It found only 2. A test one I created and the new SideCar one I created. The existing one from 3.x is nowhere to be seen.

I’ll have to try deploying and upgrading–on its face, this screams “bug” to me. While I’m working on replicating it, can you open an issue on

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.