You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello there,
We recently upgraded to 1.16.3 on June the 13th (we were on 1.15.4 before), and since started to notice multiple errors that we did not have previously:
2024-07-04T03:24:14.457+0200 [ERROR] core: failed to audit response: request_path=auth/kubernetes/path/to/auth
error=
| 1 error occurred:
| \t* event not processed by enough 'sink' nodes
|
It seems to be similar to #25549 but we are already with the #26616 fix...
Environment:
Vault Server Version : (retrieve with vault status): 1.16.3
Vault CLI Version (retrieve with vault version): 1.16.3
Server Operating System/Architecture: Linux / Amd64
The unix socket is bound to a Syslog-NG v4.2 on the same server, with the following configuration :
@version: 4.2
# Doc: https://www.syslog-ng.com/technical-documents/list/syslog-ng-open-source-edition/3.5
options {
flush_lines (0); # how many lines are flushed to a destination at a time. The syslog-ng OSE application waits for this number of lines to accumulate and sends them off in a single batch.
time_reopen (10); # The time to wait in seconds before a dead connection is reestablished
log_fifo_size (10000); # The number of messages that the output queue can store
log_msg_size(102400000); # Maximum length of a message in bytes. This length includes the entire message
stats(freq(43200)); # 12h
};
...
source s_vault_audit_logs { unix-stream('/path/to/vault-audit-logs'); };
destination d_vault_audit_logs { file("/path/to/logs/audit.log" perm(0644) owner("syslogng") group("syslogng")); };
log { source(s_vault_audit_logs); destination(d_vault_audit_logs); };
I can provide more information if required,
Thanks
The text was updated successfully, but these errors were encountered:
Hi, thanks for reporting this! An additional fix for this problem was released in Vault 1.17.1 and 1.16.5 (enterprise only). Please try one of those versions and see if that resolves your issue. If it doesn't, feel free to re-open this issue.
Describe the bug
Hello there,
We recently upgraded to 1.16.3 on June the 13th (we were on 1.15.4 before), and since started to notice multiple errors that we did not have previously:
It seems to be similar to #25549 but we are already with the #26616 fix...
Environment:
vault status
): 1.16.3vault version
): 1.16.3Vault server configuration file(s):
Additional context
Our single audit device is configured as such :
The unix socket is bound to a Syslog-NG v4.2 on the same server, with the following configuration :
I can provide more information if required,
Thanks
The text was updated successfully, but these errors were encountered: