Relay log message through Application LoadBalancer
I'm trying to figure out how to relay a message through an AWS Application Load Balancer. I have the config setup to relay the message with: destination d_kafka_unstructured { network( "<dns-name>" port(9082) );}; Look at the tcpdump log I can see that the message is relayed but the ALB doesn't know how to handle it and responds with 400 sinceing the message isn't a HTTP Request. What would be the best way to wrap the message in a http like request that the ALB will understand. Is there an easy way to just tell syslog-ng to relay the message as HTTP or would I need to write something to add/strip the HTTP wrapper. Ronald Fenner Network Architect Game Circus LLC. rfenner@gamecircus.com
Doing the same through NetScaler no issues TLS in front TCP/514 in back. What SLB are you using ? On Fri, Feb 22, 2019 at 1:06 PM Ronald Fenner <rfenner@gamecircus.com> wrote:
I'm trying to figure out how to relay a message through an AWS Application Load Balancer. I have the config setup to relay the message with: destination d_kafka_unstructured { network( "<dns-name>" port(9082) );};
Look at the tcpdump log I can see that the message is relayed but the ALB doesn't know how to handle it and responds with 400 sinceing the message isn't a HTTP Request.
What would be the best way to wrap the message in a http like request that the ALB will understand. Is there an easy way to just tell syslog-ng to relay the message as HTTP or would I need to write something to add/strip the HTTP wrapper.
Ronald Fenner Network Architect Game Circus LLC.
rfenner@gamecircus.com
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
I'm using Amazon's Application Load Balancer. It only has options for listens of Http/Https. There is no option for a TCP listener. If It had the option for a TCP listener it would probably work. Since I only have the option for HTTP I need to wrap the relayed log with a HTTP Packet so the Application Load Balancer can recognize and route it. Ronald Fenner Network Architect Game Circus LLC. rfenner@gamecircus.com
On Feb 22, 2019, at 6:07 PM, Scot <scotrn@gmail.com> wrote:
Doing the same through NetScaler no issues TLS in front TCP/514 in back. What SLB are you using ?
On Fri, Feb 22, 2019 at 1:06 PM Ronald Fenner <rfenner@gamecircus.com <mailto:rfenner@gamecircus.com>> wrote: I'm trying to figure out how to relay a message through an AWS Application Load Balancer. I have the config setup to relay the message with: destination d_kafka_unstructured { network( "<dns-name>" port(9082) );};
Look at the tcpdump log I can see that the message is relayed but the ALB doesn't know how to handle it and responds with 400 sinceing the message isn't a HTTP Request.
What would be the best way to wrap the message in a http like request that the ALB will understand. Is there an easy way to just tell syslog-ng to relay the message as HTTP or would I need to write something to add/strip the HTTP wrapper.
Ronald Fenner Network Architect Game Circus LLC.
rfenner@gamecircus.com <mailto:rfenner@gamecircus.com> ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://lists.balabit.hu/mailman/listinfo/syslog-ng> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <http://www.balabit.com/support/documentation/?product=syslog-ng> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <http://www.balabit.com/wiki/syslog-ng-faq>
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Hi, syslog-ng (at least recent versions) do have a http() destination, but then the other side should be a webserver, so if you plan to run something like syslog-ng on the backends that will not work. On Sat, Feb 23, 2019 at 1:38 AM Ronald Fenner <rfenner@gamecircus.com> wrote:
I'm using Amazon's Application Load Balancer. It only has options for listens of Http/Https. There is no option for a TCP listener. If It had the option for a TCP listener it would probably work.
Since I only have the option for HTTP I need to wrap the relayed log with a HTTP Packet so the Application Load Balancer can recognize and route it.
Ronald Fenner Network Architect Game Circus LLC.
rfenner@gamecircus.com
On Feb 22, 2019, at 6:07 PM, Scot <scotrn@gmail.com> wrote:
Doing the same through NetScaler no issues TLS in front TCP/514 in back. What SLB are you using ?
On Fri, Feb 22, 2019 at 1:06 PM Ronald Fenner <rfenner@gamecircus.com> wrote:
I'm trying to figure out how to relay a message through an AWS Application Load Balancer. I have the config setup to relay the message with: destination d_kafka_unstructured { network( "<dns-name>" port(9082) );};
Look at the tcpdump log I can see that the message is relayed but the ALB doesn't know how to handle it and responds with 400 sinceing the message isn't a HTTP Request.
What would be the best way to wrap the message in a http like request that the ALB will understand. Is there an easy way to just tell syslog-ng to relay the message as HTTP or would I need to write something to add/strip the HTTP wrapper.
Ronald Fenner Network Architect Game Circus LLC.
rfenner@gamecircus.com
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
participants (3)
-
Ronald Fenner
-
Scheidler, Balázs
-
Scot