[RORDEV-1872] Reproduce issue using log4j2 config provided by customer

ror-demo-cluster/conf/es/log4j2.properties

@@ -15,71 +15,125 @@
 #     along with ReadonlyREST.  If not, see http://www.gnu.org/licenses/
 #
 #
-status=error
-# log actionPost execution errors for easier debugging
-logger.action.name=org.elasticsearch.action
-logger.action.level=info
-appender.console.type=Console
-appender.console.name=console
-appender.console.layout.type=PatternLayout
-appender.console.layout.pattern=[%d{ISO8601}][%-5p][%-25c{1.}] %marker%m%n
-appender.rolling.type=RollingFile
-appender.rolling.name=rolling
-appender.rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}.log
-appender.rolling.layout.type=PatternLayout
-appender.rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n
-appender.rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}.log
-appender.rolling.policies.type=Policies
-appender.rolling.policies.time.type=TimeBasedTriggeringPolicy
-appender.rolling.policies.time.interval=1
-appender.rolling.policies.time.modulate=true
-rootLogger.level=info
-rootLogger.appenderRef.console.ref=console
-rootLogger.appenderRef.rolling.ref=rolling
-appender.deprecation_rolling.type=RollingFile
-appender.deprecation_rolling.name=deprecation_rolling
-appender.deprecation_rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.log
-appender.deprecation_rolling.layout.type=PatternLayout
-appender.deprecation_rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c{1.}] %marker%.10000m%n
-appender.deprecation_rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation-%i.log.gz
-appender.deprecation_rolling.policies.type=Policies
-appender.deprecation_rolling.policies.size.type=SizeBasedTriggeringPolicy
-appender.deprecation_rolling.policies.size.size=1GB
-appender.deprecation_rolling.strategy.type=DefaultRolloverStrategy
-appender.deprecation_rolling.strategy.max=4
+status = error
+
+# log action execution errors for easier debugging
+logger.action.name = org.elasticsearch.action
+logger.action.level = debug
+
+appender.console.type = Console
+appender.console.name = console
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker%m%n
+
+appender.readonlyrest_audit_rolling.type = RollingFile
+appender.readonlyrest_audit_rolling.name = readonlyrest_audit_rolling
+appender.readonlyrest_audit_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}readonlyrest_audit.log
+appender.readonlyrest_audit_rolling.layout.type = PatternLayout
+appender.readonlyrest_audit_rolling.layout.pattern = [%d{ISO8601}] %m%n
+appender.readonlyrest_audit_rolling.filePattern = readonlyrest_audit-%i.log.gz
+appender.readonlyrest_audit_rolling.policies.type = Policies
+appender.readonlyrest_audit_rolling.policies.size.type = SizeBasedTriggeringPolicy
+appender.readonlyrest_audit_rolling.policies.size.size = 1GB
+appender.readonlyrest_audit_rolling.strategy.type = DefaultRolloverStrategy
+appender.readonlyrest_audit_rolling.strategy.max = 4
+
+# Logger name, required, must be the same as the one defined in `readonlyrest.yml` audit configuration.
+# If a custom logger name is not defined there, then the default logger name is "readonlyrest_audit"
+logger.readonlyrest_audit.name = readonlyrest_audit
+logger.readonlyrest_audit.appenderRef.readonlyrest_audit_rolling.ref = readonlyrest_audit_rolling
+# set to false to use only desired appenders
+logger.readonlyrest_audit.additivity = false
+
+appender.rolling.type = RollingFile
+appender.rolling.name = rolling
+appender.rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}.log
+appender.rolling.layout.type = PatternLayout
+appender.rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker%.-10000m%n
+appender.rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}-%d{yyyy-MM-dd}-%i.log.gz
+appender.rolling.policies.type = Policies
+appender.rolling.policies.time.type = TimeBasedTriggeringPolicy
+appender.rolling.policies.time.interval = 1
+appender.rolling.policies.time.modulate = true
+appender.rolling.policies.size.type = SizeBasedTriggeringPolicy
+appender.rolling.policies.size.size = 1024MB
+
+#appender.rolling.strategy.max = 50
+#appender.rolling.strategy.type = DefaultRolloverStrategy
+#appender.rolling.strategy.action.type = Delete
+#appender.rolling.strategy.action.basepath = ${sys:es.logs.base_path}
+#appender.rolling.strategy.action.condition.type = IfLastModified
+#appender.rolling.strategy.action.condition.age = 7D
+#appender.rolling.strategy.action.PathConditions.type = IfFileName
+#appender.rolling.strategy.action.PathConditions.glob = ${sys:es.logs.cluster_name}-*
+
+rootLogger.level = info
+rootLogger.appenderRef.console.ref = console
+rootLogger.appenderRef.rolling.ref = rolling
+
+appender.deprecation_rolling.type = RollingFile
+appender.deprecation_rolling.name = deprecation_rolling
+appender.deprecation_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation.log
+appender.deprecation_rolling.layout.type = PatternLayout
+appender.deprecation_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c{1.}] [%node_name]%marker%.-10000m%n
+appender.deprecation_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_deprecation-%i.log.gz
+appender.deprecation_rolling.policies.type = Policies
+appender.deprecation_rolling.policies.size.type = SizeBasedTriggeringPolicy
+appender.deprecation_rolling.policies.size.size = 1GB
+appender.deprecation_rolling.strategy.type = DefaultRolloverStrategy
+appender.deprecation_rolling.strategy.max = 4
 logger.deprecation.name = org.elasticsearch.deprecation
-logger.deprecation.level = deprecation
-logger.deprecation.appenderRef.header_warning.ref = header_warning
-logger.deprecation.appenderRef.deprecation_rolling.ref=deprecation_rolling
-logger.deprecation.additivity=false
-appender.index_search_slowlog_rolling.type=RollingFile
-appender.index_search_slowlog_rolling.name=index_search_slowlog_rolling
-appender.index_search_slowlog_rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog.log
-appender.index_search_slowlog_rolling.layout.type=PatternLayout
-appender.index_search_slowlog_rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n
-appender.index_search_slowlog_rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog-%d{yyyy-MM-dd}.log
-appender.index_search_slowlog_rolling.policies.type=Policies
-appender.index_search_slowlog_rolling.policies.time.type=TimeBasedTriggeringPolicy
-appender.index_search_slowlog_rolling.policies.time.interval=1
-appender.index_search_slowlog_rolling.policies.time.modulate=true
-logger.index_search_slowlog_rolling.name=index.search.slowlog
-logger.index_search_slowlog_rolling.level=trace
-logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref=index_search_slowlog_rolling
-logger.index_search_slowlog_rolling.additivity=false
-appender.index_indexing_slowlog_rolling.type=RollingFile
-appender.index_indexing_slowlog_rolling.name=index_indexing_slowlog_rolling
-appender.index_indexing_slowlog_rolling.fileName=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog.log
-appender.index_indexing_slowlog_rolling.layout.type=PatternLayout
-appender.index_indexing_slowlog_rolling.layout.pattern=[%d{ISO8601}][%-5p][%-25c] %marker%.10000m%n
-appender.index_indexing_slowlog_rolling.filePattern=${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog-%d{yyyy-MM-dd}.log
-appender.index_indexing_slowlog_rolling.policies.type=Policies
-appender.index_indexing_slowlog_rolling.policies.time.type=TimeBasedTriggeringPolicy
-appender.index_indexing_slowlog_rolling.policies.time.interval=1
-appender.index_indexing_slowlog_rolling.policies.time.modulate=true
-logger.index_indexing_slowlog.name=index.indexing.slowlog.index
-logger.index_indexing_slowlog.level=trace
-logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref=index_indexing_slowlog_rolling
-logger.index_indexing_slowlog.additivity=false
+logger.deprecation.level = warn
+logger.deprecation.appenderRef.deprecation_rolling.ref = deprecation_rolling
+logger.deprecation.additivity = false
+
+appender.index_search_slowlog_rolling.type = RollingFile
+appender.index_search_slowlog_rolling.name = index_search_slowlog_rolling
+appender.index_search_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog.log
+appender.index_search_slowlog_rolling.layout.type = PatternLayout
+appender.index_search_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] [%node_name]%marker%.-10000m%n
+appender.index_search_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_search_slowlog-%d{yyyy-MM-dd}.log.gz
+appender.index_search_slowlog_rolling.policies.type = Policies
+appender.index_search_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy
+appender.index_search_slowlog_rolling.policies.time.interval = 1
+appender.index_search_slowlog_rolling.policies.time.modulate = true
+
+logger.index_search_slowlog_rolling.name = index.search.slowlog
+logger.index_search_slowlog_rolling.level = trace
+logger.index_search_slowlog_rolling.appenderRef.index_search_slowlog_rolling.ref = index_search_slowlog_rolling
+logger.index_search_slowlog_rolling.additivity = false
+
+appender.index_indexing_slowlog_rolling.type = RollingFile
+appender.index_indexing_slowlog_rolling.name = index_indexing_slowlog_rolling
+appender.index_indexing_slowlog_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog.log
+appender.index_indexing_slowlog_rolling.layout.type = PatternLayout
+appender.index_indexing_slowlog_rolling.layout.pattern = [%d{ISO8601}][%-5p][%-25c] [%node_name]%marker%.-10000m%n
+appender.index_indexing_slowlog_rolling.filePattern = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_index_indexing_slowlog-%d{yyyy-MM-dd}.log.gz
+appender.index_indexing_slowlog_rolling.policies.type = Policies
+appender.index_indexing_slowlog_rolling.policies.time.type = TimeBasedTriggeringPolicy
+appender.index_indexing_slowlog_rolling.policies.time.interval = 1
+appender.index_indexing_slowlog_rolling.policies.time.modulate = true
+
+logger.index_indexing_slowlog.name = index.indexing.slowlog.index
+logger.index_indexing_slowlog.level = trace
+logger.index_indexing_slowlog.appenderRef.index_indexing_slowlog_rolling.ref = index_indexing_slowlog_rolling
+logger.index_indexing_slowlog.additivity = false
+
+#appender.rolling.strategy.max = 50
+appender.rolling.strategy.type = DefaultRolloverStrategy
+appender.rolling.strategy.action.type = Delete
+appender.rolling.strategy.action.basepath = ${sys:es.logs.base_path}
+appender.rolling.strategy.action.PathConditions.type = IfFileName
+appender.rolling.strategy.action.PathConditions.glob = ${sys:es.logs.cluster_name}*
+
+appender.rolling.strategy.action.condition.type = IfFileName
+appender.rolling.strategy.action.condition.glob = ${sys:es.logs.cluster_name}*
+#delete old logs after 7 days or when exceeding 39.5 GB
+appender.rolling.strategy.action.condition.nested_condition.type = IfAny
+appender.rolling.strategy.action.condition.nested_condition.fileSize.type = IfAccumulatedFileSize
+appender.rolling.strategy.action.condition.nested_condition.fileSize.exceeds = 39.5GB
+appender.rolling.strategy.action.condition.nested_condition.lastMod.type = IfLastModified
+appender.rolling.strategy.action.condition.nested_condition.lastMod.age = 7D
 
-logger.ror.name=tech.beshu.ror.accesscontrol.blocks.rules.elasticsearch.indices
-logger.ror.level=info
+logger.ror.name=tech.beshu.ror.accesscontrol.logging
+logger.ror.level=off

ror-demo-cluster/conf/es/readonlyrest.yml

@@ -2,7 +2,9 @@ readonlyrest:
 
   audit:
     enabled: true
-    outputs: [index]
+    outputs:
+      - type: index
+      - type: log
 
   access_control_rules:
 

utils/extract_license_edition.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/env sh
+#!/usr/bin/env bash
 # Extract 'license.edition' from a ROR_ACTIVATION_KEY
 # Usage: extract_license_edition.sh <rorActivationLicense>
 set -eu