syslog-ng logs Windows logs in multiple lines

I have a problem with logging my Windows server with syslog-ng Agent for Windows v5.0.7 to my main syslog server, which has syslog-ng PE v5.0 installed.
Logs from the agent arrive in a multiline shape, see below.
Has anyone had a similar problem? Is there a configuration option so that the logs go on one line? Or some rewrite configuration?
I thank you all
Configuration for Windows logs in syslog.conf on the syslog server, and the multi-line log:
filter f_syslog_win_exc { host("(11.22.33.44)"); };
destination d_syslog_win_exc { file("/var/nsm/windows_syslog/test/exch/$HOST-$R_YEAR$R_MONTH$R_DAY.log"); };
log { source(remote_windows); filter(f_syslog_win_exc); destination(d_syslog_win_exc); };
Jun 9 14:51:33 11.22.33.44 1084 <133>1 2015-06-09T14:51:33+02:00 win_server_2k8 Microsoft_Windows_security_auditing. 508 - [win@18372.4 EVENT_CATEGORY="User Account Management" EVENT_FACILITY="16" EVENT_ID="4725" EVENT_LEVEL="0" EVENT_NAME="Security" EVENT_REC_NUM="210139" EVENT_SID="N/A" EVENT_SOURCE="Microsoft Windows security auditing." EVENT_TASK="User Account Management" EVENT_TYPE="Success Audit" EVENT_USERNAME="win_server_2k8\\syslog-user"][meta sequenceId="3" sysUpTime="14899"]
Jun 9 14:51:33 4725 Security win_server_2k8\syslog-user User Success Audit win_server_2k8 User Account Management A user account was disabled.
Jun 9 14:51:33 11.22.33.44 Subject:
Jun 9 14:51:33 11.22.33.44 Security ID: win_server_2k8\test
Jun 9 14:51:33 11.22.33.44 Account Name: test
Jun 9 14:51:33 11.22.33.44 Account Domain: win_server_2k8 210139 A user account was disabled.
Jun 9 14:51:33 11.22.33.44 Subject:
Jun 9 14:51:33 11.22.33.44 Security ID: win_server_2k8\test
Jun 9 14:51:33 11.22.33.44 Account Name: test

By default the syslog-ng Windows Agent sends logs using the new RFC 5424 protocol. The receiving side seems to use the legacy syslog protocol. You should use a syslog() source instead of tcp() on the receiving side, and that takes proper care of multi-line messages.
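To show why the receiving source matters, here is an added example in Python (it is not part of the original thread and not syslog-ng code). It frames two constructed RFC 5424 messages with the octet-counting method of RFC 6587, the framing that the leaked `1084 <133>1` prefix in the log above points to, then parses the same byte stream once the way a newline-delimited tcp() receiver would and once the way an octet-counting syslog() receiver would. Hostnames, the event body and the SD-ID are constructed to resemble the question's log.

```python
"""Added example: RFC 6587 octet-counting framing vs. newline-delimited framing.

A syslog-ng syslog() source reads the "<length> " prefix and takes exactly that
many bytes, so a Windows event with embedded newlines stays one message.  A
legacy tcp() source ends a message at every LF, which yields the fragments seen
in the question.  All messages below are constructed.
"""
import re

# Constructed RFC 5424 messages modelled on the log in the question.
# MSG1 carries a multi-line Windows security event body.
MSG1 = (
    "<133>1 2015-06-09T14:51:33+02:00 win_server_2k8 "
    "Microsoft_Windows_security_auditing. 508 - "
    '[win@18372.4 EVENT_ID="4725" EVENT_TYPE="Success Audit"] '
    "A user account was disabled.\n"
    "Subject:\n"
    "\tSecurity ID: win_server_2k8\\test\n"
    "\tAccount Name: test\n"
)
MSG2 = "<133>1 2015-06-09T14:51:34+02:00 win_server_2k8 app 99 - - single line event\n"

FRAME_HEADER = re.compile(rb"(\d+) ")


def octet_count_frame(msg: str) -> bytes:
    """Frame one message as MSG-LEN SP SYSLOG-MSG (RFC 6587, section 3.4.1)."""
    body = msg.encode("utf-8")
    return f"{len(body)} ".encode("ascii") + body


def parse_octet_counted(stream: bytes) -> list[str]:
    """Parse a stream of octet-counted frames; embedded LFs never split a message."""
    messages = []
    pos = 0
    while pos < len(stream):
        header = FRAME_HEADER.match(stream, pos)
        if header is None:
            raise ValueError(f"no frame header at offset {pos}")
        length = int(header.group(1))
        start, end = header.end(), header.end() + length
        if end > len(stream):
            # A real receiver would buffer and wait for the rest of the frame.
            raise ValueError(f"frame at offset {pos} is truncated")
        messages.append(stream[start:end].decode("utf-8"))
        pos = end
    return messages


def parse_newline_delimited(stream: bytes) -> list[str]:
    """What a legacy tcp() receiver does: every LF terminates a message."""
    return [line.decode("utf-8") for line in stream.split(b"\n") if line]


if __name__ == "__main__":
    wire = octet_count_frame(MSG1) + octet_count_frame(MSG2)
    print("octet-counting :", len(parse_octet_counted(wire)), "messages")
    print("newline-split  :", len(parse_newline_delimited(wire)), "fragments")
```

Running it gives 2 messages for the octet-counting parser and 5 fragments for the newline parser; the first fragment even begins with the digits of the length prefix, which is exactly the `1084 <133>1` leaking into the file in the question.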

Plugin log level in OpenDistro cluster

I have a fresh OpenDistro cluster that works fine, but I am trying to disable some traces in the log and there is one that I can't remove.
The lines of the log look like this:
[2020-04-22T10:09:17,502][INFO ][stats_log ] [myhost01] ------------------------------------------------------------------------
Program=PerformanceAnalyzerPlugin
StartTime=1580542897.428
EndTime=Wed, 21 Apr 2020 10:09:17 CEST
Time=60074 msecs
Timing=total-time:60074.0/1
Counters=TotalError=0
EOE
It's clearly written by the PerformanceAnalyzer plugin provided by OpenDistro, so I tried to change this plugin's log config/log4j2.properties and restarted the master (myhost01 in this example), but there was no change in the log.
My question is: how do I change the log level of this plugin?

Ruby Mail Gem Relay Access from Localhost to Postfix

I'm on a workstation that doesn't have an FQDN. I'm developing in Ruby and using the mail gem. I host my own mail server on the LAN. I want to forward outgoing emails to this server and on to a Gmail recipient (for example).
Because I'm on my workstation (localhost), which is not recognized as part of one of my LAN domains (I have a static IP), it isn't being recognized by Postfix (from my mail server log):
Mar 25 08:44:30 machine.mydomain1.com postfix/smtpd[9653]: sacl_check: mbr_user_name_to_uuid(mygmail@gmail.com) failed: No such file or directory
Mar 25 08:44:30 machine.mydomain1.com postfix/cleanup[9657]: sacl_check: mbr_user_name_to_uuid(mygmail@gmail.com) failed: No such file or directory
Mar 25 08:44:30 machine.mydomain1.com postfix/smtp[9658]: 92946D63CD4: to=<mygmail@gmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.14, delays=0.01/0.01/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as AE8ECD63CDA)
Mar 25 08:44:31 machine.mydomain1.com postfix/smtp[9661]: AE8ECD63CDA: to=<mygmail@gmail.com>, relay=gmail-smtp-in.l.google.com[173.194.195.26]:25, delay=0.52, delays=0/0.01/0.34/0.16, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[173.194.195.26] said: 550-5.7.1 [206.248.184.17 11] Our system has detected that this message is 550-5.7.1 not RFC 5322 compliant: 550-5.7.1 'From' header is missing. 550-5.7.1 To reduce the amount of spam sent to Gmail, this message has been 550-5.7.1 blocked. Please visit 550-5.7.1 https://support.google.com/mail/?p=RfcMessageNonCompliant 550 5.7.1 and review RFC 5322 specifications for more information. a2si7453997iog.10 - gsmtp (in reply to end of DATA command))
Mar 25 08:56:42 machine.mydomain1.com postfix/smtpd[9764]: NOQUEUE: reject: RCPT from unknown[192.168.1.4]: 554 5.7.1 <mygmail@gmail.com>: Relay access denied; from=<alpha@mydomain3.ca> to=<mygmail@gmail.com> proto=ESMTP helo=<mydomain3.ca>
I can use the mail gem properly on another box that has an FQDN just fine. I just can't seem to get it to work on my workstation. As it states in the mail server log:
'From' header is missing. 550-5.7.1 To reduce the amount of spam sent to Gmail, this message has been 550-5.7.1 blocked.
I'm assuming this is the machine name From, and not the email sender From. How can I tell the mail server that I'm not localhost? I've messed with the relay and other directives in Postfix to no avail. So I'm trying to modify the Ruby syntax to make the server recognize me.
Any insight appreciated as to how I can get this to work. It's my development box, and it's working on my production server, but I'd like to have it working on my dev box too.
Adding the following, a config item for the gem, fixed it:
mail.header['From'] = 'machine.mydomain.com'
Also make sure the relay information in Postfix is set properly.

When rsyslog (v8.39.0) mmnormalize is not recognized. How can this be fixed?

I am trying to use mmnormalize to structure text logs. Both with rsyslog 8.16.x and with 8.39.0, when trying to use mmnormalize as an action, the logs show that the module was not recognized. Details are below.
How can I set up rsyslog to use mmnormalize?
Remediation already tried:
Installed liblognorm, libestr, json-c and libfastjson separately
Upgraded rsyslog from 8.16.x to 8.39.0
rsyslog.conf:
module(load="mmnormalize") # text parsing
syslog log messages:
Dec 3 11:33:55 sys1 systemd[1]: Starting System Logging Service...
Dec 3 11:33:55 sys1 systemd[1]: Started System Logging Service.
Dec 3 11:33:55 sys1 rsyslogd: could not load module 'mmnormalize',
errors: trying to load module /usr/lib/rsyslog/mmnormalize.so:
/usr/lib/rsyslog/mmnormalize.so: cannot open shared object file: No
such file or directory [v8.39.0 try http://www.rsyslog.com/e/2066 ]
Dec 3 11:33:55 sys1 rsyslogd: module name 'mmnormalize' is unknown
[v8.39.0 try http://www.rsyslog.com/e/2209 ]
Dec 3 11:33:55 sys1 rsyslogd: error during parsing file
/etc/rsyslog.d/52-tomcat.conf, on or before line 52: errors occured in
file '/etc/rsyslog.d/52-tomcat.conf' around line 52 [v8.39.0 try
http://www.rsyslog.com/e/2207 ]
The following way to install mmnormalize worked for me. I was running this on Ubuntu (Xenial):
sudo apt-get install rsyslog-mmnormalize
Rich Megginson (thank you) answered as below to the same question I posted to the rsyslog mailing list (rsyslog@lists.adiscon.com). As mentioned above, it worked for me.
"On RHEL/CentOS/Fedora and similar platforms, the rsyslog-mmnormalize is a separate RPM that must be installed separately e.g.
yum install rsyslog rsyslog-mmnormalize ....
"

API Gateway CLI Lambda permission (add-permission)

After going through tons of pages (including some SO ones) offering advice (see the list below), I am still not able to give my API Gateway access to execute a newly added Lambda function via the AWS CLI command line tool.
I.e. I'm trying to replicate this:
I've created a new endpoint, with the following integration setup:
As soon as I try and test it (from within the API Gateway Console), I get this
<AccessDeniedException>
<Message>Unable to determine service/operation name to be authorized</Message>
</AccessDeniedException>
I know that this is because, although I have added the Lambda function to the method, the API Gateway policy has still not been updated (image 1); hence there are permission issues.
If I re-add the function and allow the permissions automatically (via the AWS GUI), testing and execution work fine.
The CLI command I am currently trying to execute is this (through PS):
aws lambda add-permission --function-name xx-url --statement-id apigateway-perm-1 --action lambda:InvokeFunction --principal apigateway.amazonaws.com --source-arn "arn:aws:execute-api:{REGION}:{AWS_ACCOUNT_ID}:{API_ID}/*/*"
I have tried multiple versions of the above ARN (including /*/*, /{STAGE}/{METHOD} and /{STAGE}/{METHOD}/{RESOURCE}).
I've also tried deploying the API before and after these changes, with no effect.
PS - I've also read the suggestion of changing the integration type of the function to a POST (see this URL), but my requirement is to have a GET method; also, adding this GET method manually through the console works fine, hence doing the same through the CLI tool should work as well.
URL list (if anyone else is looking for some resources on this issue / topic):
http://interworks.com.mk
docs AWS
docs AWS #2
remove-permission
UPDATE #1
I can also confirm that, after comparing the newly created get-policy output against an existing, working one, they seem almost identical (just named differently):
AWS CLI command used: aws lambda get-policy --function-name {FunctionName}
Result of already working policy vs. the newly created one:
This makes me suspect it could be an additional step I'm missing.
EDIT (per request)
Test screenshot - this log goes on to display the AccessDeniedException error.
Log as text (shortened a little for readability):
Execution log for request test-request
Tue Mar 28 22:59:40 UTC 2017 : Starting execution for request: test-invoke-request
Tue Mar 28 22:59:40 UTC 2017 : HTTP Method: GET, Resource Path: /api/v1/{path}
Tue Mar 28 22:59:40 UTC 2017 : Method request path: {}
Tue Mar 28 22:59:40 UTC 2017 : Method request query string: {fileName=x.doc}
Tue Mar 28 22:59:40 UTC 2017 : Method request headers: {}
Tue Mar 28 22:59:40 UTC 2017 : Method request body before transformations:
Tue Mar 28 22:59:40 UTC 2017 : Endpoint request URI: https://lambda.ap-southeast-2.amazonaws.com/2015-03-31/functions/arn:aws:lambda:ap-southeast-2:{accountid}:function:xx-url/invocations
Tue Mar 28 22:59:40 UTC 2017 : Endpoint request headers: {X-Amz-Date=20170328T240Z, x-amzn-apigateway-api-id={resouceId}, Accept=application/json, Access-Control-Allow-Origin=*, User-Agent=AmazonAPIGateway_f, Host=lambda.ap-southeast-2.amazonaws.com, X-Amz-Content-Sha256=93438097f7627fe6203432b05e2257de86b32f74f8306, X-Amzn-Trace-Id=Root=1-58daeadc-bdd8f80d35834164c70, x-amzn-lambda-integration-tag=test-request, Authorization=*********************************************d309e7, X-Amz-Source-Arn=arn:aws:execute-api:ap-southeast-2:{AccountId}:{resourceId}/null/GET/api/v1/{path}, X-Amz-Security-Token=FQoDYXdzEDcaDAzSjIbAbD9j0wBjWFBxP++dR0+CGiK3flLOatlCr2 [TRUNCATED]
Tue Mar 28 22:59:40 UTC 2017 : Endpoint request body after transformations: {"resource":"/api/v1/{path}","path":"/api/v1/{path}","httpMethod":"GET","headers":null,"queryStringParameters":{"fileName":"x.doc"},"pathParameters":null,"stageVariables":null,"requestContext":{"accountId":"{AccountId}","resourceId":"{AccountId}:{resourceId}","stage":"test-invoke-stage","requestId":"test-invoke-request","identity":{"cognitoIdentityPoolId":null,"accountId""{resourceId}","cognitoIdentityId":null,"caller":"ABPPLGO4:","apiKey":"test-invoke-api-key","sourceIp":"test-invoke-source-ip","accessKey":"ASHYYQ","cognitoAuthenticationType":null,"cognitoAuthenticationProvider":null,"userArn":"arn:aws:sts::111:assumed-role/AWS-Admins/{name}","userAgent":"Apache-HttpClient/4.5.x (Java/1.8.0_112)","user":"AROZBPPLGO4:{name}"},"resourcePath":"/api/v1/{path}","httpMethod":"GET","apiId":"{resourceId}"},"body":null,"isBase64Encoded":false}
Tue Mar 28 22:59:40 UTC 2017 : Endpoint response body before transformations:
<AccessDeniedException>
<Message>Unable to determine service/operation name to be authorized</Message>
</AccessDeniedException>
Tue Mar 28 22:59:40 UTC 2017 : Endpoint response headers: {x-amzn-RequestId=39398a3e-140a-11e7-92a3-3fdc0fbb61c2, Connection=keep-alive, Content-Length=130, Date=Tue, 28 Mar 2017 22:59:39 GMT}
Tue Mar 28 22:59:40 UTC 2017 : Execution failed due to configuration error: Malformed Lambda proxy response
Tue Mar 28 22:59:40 UTC 2017 : Method completed with status: 502
The fact that this ends up reading Malformed Lambda proxy response is not the issue - I have proven it by re-selecting the Lambda function manually, letting the permissions be applied and retesting immediately; then everything works fine. Here the Lambda is not even getting invoked.
To summarize the debugging from the chat:
The GET method was created with the incorrect HTTP method for Lambda, GET. This caused Lambda to be unable to interpret the request from API Gateway, generating the XML error response. The XML error response is not a valid JSON proxy response, and generated a 502 as a result.
The console adds the necessary permissions and resets the HTTP method to POST, hence why it is successful after using the console.
The step you are trying to work out is solved by the command:
aws apigateway put-integration
There's a very specific thing in the options of that command you have to be aware of. A complete put-integration statement looks like this:
aws apigateway put-integration \
  --region us-west-2 \
  --rest-api-id y0UrApI1D \
  --resource-id r35ourc3ID \
  --http-method GET \
  --type AWS \
  --integration-http-method POST \
  --uri arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:111111111111:function:functionname/invocations
In the --uri option, be aware of the following:
us-west-2 is an example region; be sure you put the correct region where your Lambda function resides.
Be sure you do not change this next part; it must be exactly as stated, otherwise the permission will not be granted: "lambda:path/2015-03-31/functions"
Change the value 111111111111 to your AWS account number.
Change "functionname" to the exact name of your registered Lambda function.
Will work guaranteed
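Because the fix above hinges on settings that are easy to get wrong (the integration's HTTP method, the exact shape of the --uri, and the source ARN passed to add-permission), here is an added example in Python, not part of the thread and not AWS's own code, that statically checks a put-integration parameter set together with an add-permission source ARN. It flags a non-POST integration-http-method (the mistake diagnosed above), a URI that does not use the lambda:path/2015-03-31/functions form, and a source ARN whose region or account differs from the function's. It only checks format and consistency, not whether the permission actually exists in AWS. All inputs are constructed; the account number, API id and function name are placeholders.

```python
"""Added example: static consistency check of an API Gateway -> Lambda integration.

Lambda's Invoke API only accepts POST on .../functions/<arn>/invocations, so the
integration-http-method must be POST even when the client-facing method is GET.
The source ARN given to `aws lambda add-permission` must name the same region
and account as the function.  Every value below is a constructed placeholder.
"""
import re

# Canonical --uri shape: API Gateway region, fixed path, then the function ARN.
LAMBDA_URI = re.compile(
    r"^arn:aws:apigateway:(?P<region>[a-z0-9-]+):lambda:path/2015-03-31/functions/"
    r"arn:aws:lambda:(?P<fn_region>[a-z0-9-]+):(?P<account>\d{12})"
    r":function:(?P<name>[A-Za-z0-9_-]{1,64})/invocations$"
)
# --source-arn shape: execute-api ARN with api id, stage, method and optional path.
SOURCE_ARN = re.compile(
    r"^arn:aws:execute-api:(?P<region>[a-z0-9-]+):(?P<account>\d{12})"
    r":(?P<api_id>[a-z0-9]+)/(?P<stage>[^/]+)/(?P<method>[^/]+)(?P<path>/.*)?$"
)


def check_lambda_integration(integration: dict, source_arn: str) -> list[str]:
    """Return a list of problems; an empty list means the settings look consistent."""
    problems = []
    if integration.get("type") != "AWS":
        problems.append("type must be AWS for a (non-proxy) Lambda integration")
    if integration.get("integration-http-method") != "POST":
        # This is the misconfiguration diagnosed in the thread above.
        problems.append(
            "integration-http-method must be POST regardless of the client-facing "
            "http-method; Lambda cannot interpret other methods on /invocations"
        )
    uri = LAMBDA_URI.match(integration.get("uri", ""))
    if uri is None:
        problems.append(
            "uri must be arn:aws:apigateway:<region>:lambda:path/2015-03-31/"
            "functions/<function ARN>/invocations"
        )
    elif uri["region"] != uri["fn_region"]:
        problems.append("API Gateway region in uri differs from the function's region")
    src = SOURCE_ARN.match(source_arn)
    if src is None:
        problems.append(
            "source ARN must be arn:aws:execute-api:<region>:<account>:<api-id>/"
            "<stage>/<method>[/<path>]"
        )
    elif uri is not None:
        if src["region"] != uri["fn_region"]:
            problems.append("source ARN region does not match the function region")
        if src["account"] != uri["account"]:
            problems.append("source ARN account does not match the function account")
    return problems


# Constructed inputs: the broken setup from the question and the corrected one.
BROKEN = {
    "type": "AWS",
    "http-method": "GET",
    "integration-http-method": "GET",
    "uri": "arn:aws:apigateway:ap-southeast-2:lambda:path/2015-03-31/functions/"
           "arn:aws:lambda:ap-southeast-2:111111111111:function:xx-url/invocations",
}
FIXED = dict(BROKEN, **{"integration-http-method": "POST"})
SOURCE = "arn:aws:execute-api:ap-southeast-2:111111111111:abcdef1234/*/*"

if __name__ == "__main__":
    for label, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, check_lambda_integration(cfg, SOURCE) or "ok")
```

The check is worth running before `put-integration` and `add-permission` because neither CLI call validates that the two ARNs agree with each other; a region or account mismatch between them yields exactly the kind of silent permission failure described in the question.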

Apache (WAMP) issue: “AH00404: Child: Unable to read socket data from parent”

Frontend developer desperately trying to get a WAMP running on Windows 7 (Home Premium, 64 bit, SP1). I've tried WAMPSERVER and XAMPP. Starting the Apache service failed on both, returning the exact same critical error in their error.log files:
[Thu Dec 13 14:38:56.905257 2012] [mpm_winnt:crit] [pid 4868:tid 280]
(OS 109)The pipe has been ended. : AH00404: Child: Unable to read
socket data from parent
[Thu Dec 13 14:38:57.028264 2012] [mpm_winnt:crit] [pid 5100:tid 408]
AH00427: Parent: child process exited with status 3 -- Aborting.
I've googled for over 2 hours for this problem and have tried several things: checking/freeing up port 80, using a different port, turning off MSSE's real-time protection, disabling LMHOSTS lookup, dozens of reinstalls... All to no avail.
Please help :(
Go to Control Panel -> Administrative Tools -> Services. Find "Web Deployment Agent Service", right-click it and stop it. Start up Apache and see if it sticks. If so, right-click on Web Deployment Agent again, go to Properties and set the startup type to Manual.
In my case, the error log was this:
[crit] (OS 109)The pipe has been ended. : setup_inherited_listeners: Unable to read socket data from parent
The solution was that Apache was set to listen on an IPv6 interface, but no IPv6 interface was enabled.
