Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: Logging 5.7.8
Affects Version/s: Logging 5.7.z
Component/s: Log Collection
Labels:
- devel_ack+

Blocked:
False
Blocked Reason:
None
Ready:
False
Docs QE Status:
NEW
QE Status:
VERIFIED
Release Note Text:

Hide
Prior to this fix, if the "hecToken" key was missing or misspelled in the secret specified for a Splunk output, there was no diagnostic issued and Vector forwarded logs to Splunk without a token, which rightfully failed.
With this fix in place, the ClusterLogForwarder in the above case fails validation with a status item "A non-empty hecToken entry is required".

Show
Prior to this fix, if the "hecToken" key was missing or misspelled in the secret specified for a Splunk output, there was no diagnostic issued and Vector forwarded logs to Splunk without a token, which rightfully failed. With this fix in place, the ClusterLogForwarder in the above case fails validation with a status item "A non-empty hecToken entry is required".
Release Note Type:
Bug Fix

Sprint:
Log Collection - Sprint 243, Log Collection - Sprint 244
Severity:
Moderate

SFDC Cases Links:
SFDC Cases Counter:

Description

Description of problem:

If the hecToken secret key is missing or misspelled for the Splunk output, Vector sends HTTP requests to Splunk without the token in the authorization header

authorization: Splunk <blank>

that rightfully get rejected.

Version-Release number of selected component (if applicable):

5.8, 5.7.z

How reproducible:

Always

Steps to Reproduce:

Create a secret for the Splunk output, misspell the name of the hecToken key
Create a CLF with a Splunk output, with the secret created in the previous step
Instantiate the CLF

Actual results:

Vector forwards logs to Splunk without a token in the authorization header, gets rejected

Expected results:

CLO fails CLF validation, sets the status with a message about missing hecToken key

Attachments

Issue Links

links to

openshift/cluster-logging-operator#2194: LOG-4580: Add validation for secret used with the Splunk output in CLF

openshift/cluster-logging-operator#2214: [release-5.7] LOG-4580: Add validation for secret used with the Splunk output in CLF

openshift/openshift-docs#67457: [WIP] [DOCS] OBSDOCS-620 - Logging 5.7.8 Release Notes

RHBA-2023:123254 Logging Subsystem 5.7.8 - Red Hat OpenShift

mentioned on

Merge request - Updated US source to: 126c373 Merge pull request #2194 from syedriko/syedriko-log-4580

Merge request - Updated US source to: 423bba6 Merge pull request #2214 from openshift-cherrypick-robot/cherry-pick-2194-to-release-5.7

(1 mentioned on)

Activity

People

Assignee:: Sergey Yedrikov

Reporter:: Sergey Yedrikov

QA Contact:: Kabir Bharti

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2023/10/04 7:14 PM

Updated:: 2023/11/15 6:20 PM

Resolved:: 2023/11/15 6:20 PM