Comments (4)
ahmedsajid
commented on July 18, 2024
(adding more info)
Here's the query I'm running:
bonfire -h 'graylog.example.com' -p --port 443 --tls --endpoint '/api' -u Ahmed.Sajid -r 000000000000000000000001 -f
On server side (Nginx access logs)
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:57:58 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A57%3A52.825&to=2021-08-09+17%3A57%3A55.022 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:01 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A57%3A55.022&to=2021-08-09+17%3A57%3A56.736 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:03 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A57%3A56.736&to=2021-08-09+17%3A57%3A59.385 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:06 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A57%3A59.385&to=2021-08-09+17%3A58%3A01.595 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:08 -0400] "GET /api/search/universal/absolute?query=%2A&limit=1&filter=streams%3A000000000000000000000001&from=2021-08-09+21%3A58%3A01.595&to=2021-08-09+13%3A58%3A04.287 HTTP/1.1" 200 2204 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:14 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A58%3A06.923&to=2021-08-09+17%3A58%3A09.259 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:19 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A58%3A12.355&to=2021-08-09+17%3A58%3A14.696 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:21 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A58%3A14.696&to=2021-08-09+17%3A58%3A17.319 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:28 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A58%3A21.467&to=2021-08-09+17%3A58%3A24.353 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:30 -0400] "GET /api/search/universal/absolute?query=%2A&limit=1&filter=streams%3A000000000000000000000001&from=2021-08-09+21%3A58%3A24.353&to=2021-08-09+13%3A58%3A26.918 HTTP/1.1" 200 2204 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:32 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A58%3A26.918&to=2021-08-09+17%3A58%3A28.834 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:34 -0400] "GET /api/search/universal/absolute?query=%2A&limit=1&filter=streams%3A000000000000000000000001&from=2021-08-09+21%3A58%3A28.834&to=2021-08-09+13%3A58%3A30.750 HTTP/1.1" 200 2204 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:37 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A58%3A30.750&to=2021-08-09+17%3A58%3A33.327 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
10.0.10.1 - Ahmed.Sajid [09/Aug/2021:09:58:39 -0400] "GET /api/search/universal/absolute?query=%2A&limit=0&filter=streams%3A000000000000000000000001&from=2021-08-10+01%3A58%3A33.327&to=2021-08-09+17%3A58%3A35.656 HTTP/1.1" 200 2206 "-" "python-requests/2.25.1"
Why does the time range changes every few calls?
from=2021-08-10 01:57:52.825&to=2021-08-09 17:57:55.022
from=2021-08-10 01:57:55.022&to=2021-08-09 17:57:56.736
from=2021-08-10 01:57:56.736&to=2021-08-09 17:57:59.385
from=2021-08-10 01:57:59.385&to=2021-08-09 17:58:01.595
from=2021-08-09 21:58:01.595&to=2021-08-09 13:58:04.287
from=2021-08-10 01:58:06.923&to=2021-08-09 17:58:09.259
from=2021-08-10 01:58:12.355&to=2021-08-09 17:58:14.696
from=2021-08-10 01:58:14.696&to=2021-08-09 17:58:17.319
from=2021-08-10 01:58:21.467&to=2021-08-09 17:58:24.353
from=2021-08-09 21:58:24.353&to=2021-08-09 13:58:26.918
from=2021-08-10 01:58:26.918&to=2021-08-09 17:58:28.834
from=2021-08-09 21:58:28.834&to=2021-08-09 13:58:30.750
from=2021-08-10 01:58:30.750&to=2021-08-09 17:58:33.327
from=2021-08-10 01:58:33.327&to=2021-08-09 17:58:35.656
I'll keep digging and will report back if I find anything.
from bonfire.
valentin-krasontovitsch
commented on July 18, 2024
sorry about the slow response, i believe this is a dupliate of #35 - and thank you for providing a very good looking solution! please confer my review of your pull request.
regarding your question as to why the time range changes - follow mode is implemented in such a way that it keeps querying the server for new logs, changing the time range for the logs every query, so you get all logs within round about 3 seconds from time a, and then the logs from the next 3 seconds, and then the following 3 seconds, and so on.
does that make sense?
from bonfire.
ahmedsajid
commented on July 18, 2024
Thanks for getting back.
Yes it does makes sense.
I'll spend sometime and address your comments on the PR.
from bonfire.
valentin-krasontovitsch
commented on July 18, 2024
fixed by 21cdfc2 - thank you very much @ahmedsajid !
from bonfire.
Related Issues (20)
- Release 0.0.7 / TLS / Python Package Index HOT 1
- Graylog 2.1 HOT 3
- FR: Be able to query 2+ nodes with 1 query HOT 4
- six required version == 1.9.0? HOT 2
- Use offsets to query in chunks HOT 1
- tail to file - output in one line
- known bug: timezone UTC HOT 2
- latest version in pip 0.0.7 does not include endpoint support HOT 8
- Every time I use `-f` I get the `RuntimeError: Query returns more than 10000 log entries. Use offsets to query in chunks.` HOT 2
- maintenance of the project HOT 6
- Getting 404 for my username HOT 9
- Incompatiable with new arrow HOT 2
- Error running Bonfire HOT 6
- -f, --follow mode does not show any output HOT 11
- Not reading all the options in config file HOT 5
- Stream filter should be optional even if the user doesnโt have full permissions HOT 1
- `-f` option together with date wrong result
- `query` should also be allowed to be passed as an option
- add a man page HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bonfire.