Hi mark,
Thanks for this link, but I guess this is not related to this issue.
Let's use an example.
A log line with method+request+protocol < 1024 characters and a very
long captured header is ok :
172.17.0.1:38318 [16/May/2017:08:00:31.266] abcde fghij 0/0/106/139/268
200 99999 - - ---- 1/1/0/0/0 0/0
{ONE_CAPURED_HEADER|ANOTHER_HEADER|A_2048_CHAR_LONG_HEADER} "GET /
HTTP/1.1"
when method+request+protocol > 1024 characters the log line is still
valid, but the request is truncated:
172.17.0.1:38318 [16/May/2017:08:00:31.266] abcde fghij 0/0/106/139/268
200 99999 - - ---- 1/1/0/0/0 0/0 {ONE_CAPURED_HEADER|ANOTHER_HEADER|
A_2048_CHAR_LONG_HEADER} "GET /?test=my_very_long_request_truncated"
Only the content of "GET /?test=my_very_long_request_truncated" is
truncated to 1024 characters, not the whole line.
The end quote is still present, it does not seems related to syslog
daemon limitations.
Stéphane
On 16 May 2017, at 14:16, Mark Staudinger wrote:
Hi Stéphane,
On some OSes, including FreeBSD, the syslogd daemon has a hard-coded
line length of 1024 characters.
Your log daemon may support run-time or configuration options to
extend this limit. So you can either use another log daemon, or
re-compile syslogd with a higher limit, here's one example:
http://bsdpants.blogspot.com/2010/08/truncated-syslog-messages.html
Cheers,
-Mark
On Tue, 16 May 2017 07:28:30 -0400, Stéphane Cottin
<stephane.cot...@vixns.com> wrote:
Hi,
Version: haproxy 1.7.2
I'm logging to a unix socket, allowing long lines.
log /dev/log len 8192 local0
[...]
option dontlognull
option log-separate-errors
option httplog
I'm also capturing the referer header.
capture request header Referer len 4096
When using large strings (length > 1024 ) the request is truncated to
1024 characters in the log line, the captured header is not.
The log line is still valid, quotes are present, only the end of the
request string is missing.
Do I miss some config parameter ? setting the len in the log
configuration directive shouldn't prevent this ?
Stéphane