udp handler not working

Sensu Classic (EOL)
1

I’m struggling to get the UDP handler working. Sensu version 0.10.2. had it working fine on a Vagrant VM, but now that I’m trying things in my dev environment, it’s not working. Although Sensu says it’s handling the event, I’m not observing any network traffic (via tcpdump), and no errors in the log.

I see this in sensu-server when it handles an event:

{“timestamp”:“2013-09-11T14:44:37.201342+0000”,“level”:“info”,“message”:“handling event”,“event”:{“client”:{“subscriptions”:[“kibana”,“default”,“logstash_server”],“address”:“10.252.2.195”,“tags”:[“app:pi-logstash”,“ver:LATEST”,“az:usw2a”,“env:dev”],“safe_mode”:false,“name”:“usw2a-pri-dev-pi-logstash-latest-01”,“timestamp”:1378910680},“check”:{“interval”:60,“command”:"/opt/sensu/embedded/bin/ruby /etc/sensu/plugins/check-procs.rb -C 1 -p ‘logstash-server’",“handlers”:[“default”],“subscribers”:[“logstash_server”],“standalone”:false,“name”:“logstash_server-running”,“issued”:1378910676,“executed”:1378910696,“output”:“CheckProcs CRITICAL: Found 2 matching processes; cmd /logstash-server/\n”,“status”:2,“duration”:0.918,“history”:[“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”]},“occurrences”:22,“action”:“create”},“handler”:{“severities”:[“ok”,“warning”,“critical”,“unknown”],“type”:“udp”,“socket”:{“host”:“10.252.2.195”,“port”:4242},“name”:“default”}}

This is the config for my “default” handler:

{

“handlers”: {

“default”: {

“severities”: [

“ok”,

“warning”,

“critical”,

“unknown”

],

“type”: “udp”,

“socket”: {

“host”: “10.252.2.195”,

“port”: 4242

}

}

}

}

If I use nc to send the event, it is received (by logstash at the other end), and I see traffic with tcpdump:

echo ‘{“client”: {“subscriptions”: [“kibana”, “default”, “logstash_server”], “address”: “10.252.2.195”, “tags”: [“app:pi-logstash”, “ver:LATEST”, “az:usw2a”, “env:dev”], “safe_mode”: false, “name”: “usw2a-pri-dev-pi-logstash-latest-01”, “timestamp”: 1378909379 }, “check”: {“interval”: 60, “command”: “/opt/sensu/embedded/bin/ruby /etc/sensu/plugins/check-procs.rb -C 1 -p ‘logstash-server’”, “handlers”: [“default”], “subscribers”: [“logstash_server”], “standalone”: false, “name”: “logstash_server-running”, “issued”: 1378909360, “executed”: 1378909381, “output”: “CheckProcs CRITICAL: Found 2 matching processes; cmd /logstash-server/\n”, “status”: 2, “duration”: 0.493, “history”: [“2”, “2”, “2”, “2”, “2”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “2”] }, “occurrences”: 1, “action”: “create”}’ | nc -u -q 1 10.252.2.195 4242

Thoughts?

···


Brian Lalor
blalor@bravo5.org

2

Hey Brian,

The UDP handler has been fixed in the latest beta (0.11.0.beta.2), now binds to 0.0.0.0:0. Once the latest beta has a few more testers, we can publish a new stable.

Sean.

···

On Wed, Sep 11, 2013 at 7:56 AM, Brian Lalor blalor@bravo5.org wrote:

I’m struggling to get the UDP handler working. Sensu version 0.10.2. had it working fine on a Vagrant VM, but now that I’m trying things in my dev environment, it’s not working. Although Sensu says it’s handling the event, I’m not observing any network traffic (via tcpdump), and no errors in the log.

I see this in sensu-server when it handles an event:

{“timestamp”:“2013-09-11T14:44:37.201342+0000”,“level”:“info”,“message”:“handling event”,“event”:{“client”:{“subscriptions”:[“kibana”,“default”,“logstash_server”],“address”:“10.252.2.195”,“tags”:[“app:pi-logstash”,“ver:LATEST”,“az:usw2a”,“env:dev”],“safe_mode”:false,“name”:“usw2a-pri-dev-pi-logstash-latest-01”,“timestamp”:1378910680},“check”:{“interval”:60,“command”:“/opt/sensu/embedded/bin/ruby /etc/sensu/plugins/check-procs.rb -C 1 -p ‘logstash-server’”,“handlers”:[“default”],“subscribers”:[“logstash_server”],“standalone”:false,“name”:“logstash_server-running”,“issued”:1378910676,“executed”:1378910696,“output”:“CheckProcs CRITICAL: Found 2 matching processes; cmd /logstash-server/\n”,“status”:2,“duration”:0.918,“history”:[“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”,“2”]},“occurrences”:22,“action”:“create”},“handler”:{“severities”:[“ok”,“warning”,“critical”,“unknown”],“type”:“udp”,“socket”:{“host”:“10.252.2.195”,“port”:4242},“name”:“default”}}

This is the config for my “default” handler:

{

“handlers”: {

“default”: {

“severities”: [

“ok”,

“warning”,

“critical”,

“unknown”

],

“type”: “udp”,

“socket”: {

“host”: “10.252.2.195”,

“port”: 4242

}

}

}

}

If I use nc to send the event, it is received (by logstash at the other end), and I see traffic with tcpdump:

echo ‘{“client”: {“subscriptions”: [“kibana”, “default”, “logstash_server”], “address”: “10.252.2.195”, “tags”: [“app:pi-logstash”, “ver:LATEST”, “az:usw2a”, “env:dev”], “safe_mode”: false, “name”: “usw2a-pri-dev-pi-logstash-latest-01”, “timestamp”: 1378909379 }, “check”: {“interval”: 60, “command”: “/opt/sensu/embedded/bin/ruby /etc/sensu/plugins/check-procs.rb -C 1 -p ‘logstash-server’”, “handlers”: [“default”], “subscribers”: [“logstash_server”], “standalone”: false, “name”: “logstash_server-running”, “issued”: 1378909360, “executed”: 1378909381, “output”: “CheckProcs CRITICAL: Found 2 matching processes; cmd /logstash-server/\n”, “status”: 2, “duration”: 0.493, “history”: [“2”, “2”, “2”, “2”, “2”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “0”, “2”] }, “occurrences”: 1, “action”: “create”}’ | nc -u -q 1 10.252.2.195 4242

Thoughts?


Brian Lalor
blalor@bravo5.org
http://github.com/blalor

3

Thanks, Sean.

···

On Sep 17, 2013, at 12:40 PM, Sean Porter portertech@gmail.com wrote:

The UDP handler has been fixed in the latest beta (0.11.0.beta.2), now binds to 0.0.0.0:0. Once the latest beta has a few more testers, we can publish a new stable.


Brian Lalor
blalor@bravo5.org