Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

graylog_* error handling issue #7

Open
bandit145 opened this issue Feb 7, 2020 · 0 comments
Open

graylog_* error handling issue #7

bandit145 opened this issue Feb 7, 2020 · 0 comments

Comments

@bandit145
Copy link

I believe I have identified an issue in the get_token function of the modules that will result in a KeyError instead of the desired Ansible module failure if the Graylog endpoint does not exist or is down.

- name: base_graylog_config | get inputs
  graylog_input:
    endpoint: localhost:9000
    graylog_user: admin
    graylog_password: "{{ graylog_admin_pass }}"
    action: list
    allow_http: true
  register: inputs

Error:

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'body'
    fatal: [test-molecule-graylog]: FAILED! => {"changed": false, "module_stderr": "Shared connection to 10.64.34.237 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n  File \"/home/molecule/.ansible/tmp/ansible-tmp-1581105797.887236-245989639182613/AnsiballZ_graylog_input.py\", line 102, in <module>\r\n    _ansiballz_main()\r\n  File \"/home/molecule/.ansible/tmp/ansible-tmp-1581105797.887236-245989639182613/AnsiballZ_graylog_input.py\", line 94, in _ansiballz_main\r\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n  File \"/home/molecule/.ansible/tmp/ansible-tmp-1581105797.887236-245989639182613/AnsiballZ_graylog_input.py\", line 40, in invoke_module\r\n    runpy.run_module(mod_name='ansible.modules.graylog_input', init_globals=None, run_name='__main__', alter_sys=True)\r\n  File \"/usr/lib64/python2.7/runpy.py\", line 176, in run_module\r\n    fname, loader, pkg_name)\r\n  File \"/usr/lib64/python2.7/runpy.py\", line 82, in _run_module_code\r\n    mod_name, mod_fname, mod_loader, pkg_name)\r\n  File \"/usr/lib64/python2.7/runpy.py\", line 72, in _run_code\r\n    exec code in run_globals\r\n  File \"/tmp/ansible_graylog_input_payload_ASMJXC/ansible_graylog_input_payload.zip/ansible/modules/graylog_input.py\", line 199, in <module>\r\n  File \"/tmp/ansible_graylog_input_payload_ASMJXC/ansible_graylog_input_payload.zip/ansible/modules/graylog_input.py\", line 173, in main\r\n  File \"/tmp/ansible_graylog_input_payload_ASMJXC/ansible_graylog_input_payload.zip/ansible/modules/graylog_input.py\", line 132, in get_token\r\nKeyError: 'body'\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

This is caused by this section of error handling here which assumes that it always receives an application error (and not some network level issue):

https://github.com/ReconInfoSec/ansible-graylog-modules/blob/master/library/graylog_collector_configurations.py#L259

This could be fixed by adding something like this:

if 'urlopen error' in info['msg']:
        module.fail_json(msg="Fail: %s" % ("Status: Connection refused"))
elif info['status'] != 200:
        module.fail_json(msg="Fail: %s" % ("Status: " + str(info['msg']) + ", Message: " + str(info['body'])))
 fatal: [test-molecule-graylog]: FAILED! => {"changed": false, "msg": "Fail: Status: Connection refused"}

Which would be much clearer.

I'd be happy to submit a PR for this if wanted.
robotparty pushed a commit to LO3Energy/ansible-graylog-modules that referenced this issue Jul 9, 2021
@matthgyver
Manage inputs (ReconInfoSec#7)
12ed128 
* update readme

* documentation fix

* renamme module rsyslog file

* rename graylog input file

* minor fix on example
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bandit145