KeyCloak 17记录到Logstash
有人对我如何做到这一点有一个想法(顶级评论所建议的): keyCloak logstash to logstash 但是对于使用Quarkus而不是Wildfly的最新KeyCloak版本17+?
编辑1 : 在我成功地将LogStash功能添加到我的KeyCloak+Quarkus构建中后,logging-gelf在已安装的功能下显示
我仍然无法在Kibana上看到日志,就好像没有发送日志,但该功能是安装。
我认为这种配置是从:
quarkus.log.handler.gelf.enabled=true
quarkus.log.handler.gelf.json=true
quarkus.log.handler.gelf.json.key-overrides={timestamp="@timestamp"}
quarkus.log.handler.gelf.json.exception-output-type=formatted
quarkus.log.handler.gelf.json.additional-field."appname".value=${env.LOGSTASH_APPNAME:myApplicationName}
quarkus.log.handler.gelf.json.additional-field."@version".value=1
quarkus.log.handler.gelf.host=tcp:${env.LOGSTASH_DESTINATION:someDefaultDestination}
quarkus.log.handler.gelf.port=${env.LOGSTASH_PORT:5044}
#Default vale is tcp
#quarkus.log.handler.gelf.protocol=tcp
quarkus.log.handler.gelf.block-on-reconnect=true
quarkus.log.handler.gelf.async=true
#Default value is ALL
#quarkus.log.handler.gelf.level=ALL
quarkus.log.handler.gelf.async.queue-length=${env-LOGSTASH_QUEUE:1000}
#Default value is block
#quarkus.log.handler.gelf.async.overflow=block
还是我只是“化妆”的一些配置?
Does anyone have an idea on how I can do this (what the top comments suggests): Keycloak logging to logstash
But for the newest keycloak version 17+ which uses Quarkus instead of Wildfly?
Edit 1:
After I have successfully added logstash feature to my keycloak+quarkus build, and logging-gelf shows under installed features
I can still not see logs on kibana, as if the logs are not being sent but the feature is installed.
Am I correct in thinking that this configuration is a correct "replacement" for the the Wildfly cli from the link:
quarkus.log.handler.gelf.enabled=true
quarkus.log.handler.gelf.json=true
quarkus.log.handler.gelf.json.key-overrides={timestamp="@timestamp"}
quarkus.log.handler.gelf.json.exception-output-type=formatted
quarkus.log.handler.gelf.json.additional-field."appname".value=${env.LOGSTASH_APPNAME:myApplicationName}
quarkus.log.handler.gelf.json.additional-field."@version".value=1
quarkus.log.handler.gelf.host=tcp:${env.LOGSTASH_DESTINATION:someDefaultDestination}
quarkus.log.handler.gelf.port=${env.LOGSTASH_PORT:5044}
#Default vale is tcp
#quarkus.log.handler.gelf.protocol=tcp
quarkus.log.handler.gelf.block-on-reconnect=true
quarkus.log.handler.gelf.async=true
#Default value is ALL
#quarkus.log.handler.gelf.level=ALL
quarkus.log.handler.gelf.async.queue-length=${env-LOGSTASH_QUEUE:1000}
#Default value is block
#quarkus.log.handler.gelf.async.overflow=block
Or is there some configurations that I just have "made up"?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
首先:目前,KeyCloak直接对GELF/LOGSTASH没有本机支持。也就是说,可以肯定地使用Quarkus Logging Gelf扩展名。为了使此工作起作用,这有点复杂,但是总的来说,您必须:
下载Quarkiverse-Logging-gelf的罐子 - 两者都“部署”和运行时罐,Quarkus版本KeyCloak版本使用(2.7.0?不确定,IIRC我在17.0.1中更新为2.7.5)。另外,您还需要下载此Quarkus扩展名的瞬态依赖性,即正确版本中的Logstash-gelf Jar。将这些罐子放入您的KC的“提供商”目录中。
在conf目录中创建一个quarkus.properties文件,并添加所需的配置。 Quarkus主页上有一个集中式日志管理指南。
运行“构建”
启动keycloak。您的日志现在应该显示
,它应该有效,以使您的登录以所需的方式删除。
这些步骤还用示例描述了这些步骤,例如在这里。
注意:我在KeyCloak团队中。卑诗省目前没有开箱即用的支持。我们正在考虑更好地利用Quarkus的扩展方法(因此您不必手动下载罐子和瞬态依赖项),但是我想对于这种特定情况,我们将在未来做些事情:)
eding> edit :使用KeyCloak配置: - > https://github.com/keycloak/keycloak/keycloak/keycloak/keycloak/keycloak/plullpull/pull/pull/12843
编辑2 :PR合并,第一类支持应从下一个主要版本中获得(我猜19)
First of all: at the moment keycloak has no native support for gelf/logstash directly. That said, it is possible to do for sure using the quarkus logging gelf extension. In order for this to work, it is a bit complicated, but in general You have to:
download the jars for the quarkiverse-logging-gelf - both, the "deployment" and the runtime jar, for the quarkus version your keycloak version uses (2.7.0? Not sure, iirc I updated to 2.7.5 in 17.0.1). Also you need to download the transient dependency of this quarkus extension, namely the logstash-gelf jar in the right version. Put these jars inside the "providers" directory of your kc.
create a quarkus.properties file in the conf directory and add your desired configuration. There is a centralized log management guide on the quarkus homepage.
run a "build"
start Keycloak. Your log should now show
And it should work to get your logs out the way you want it.
These steps are also described with examples e.g. here.
Note: I am in the Keycloak team. There is no out of the box support right now directly, bc. we are thinking about leveraging quarkus' extension approach better (so you do not have to download the jars and transient dependencies manually), but I guess for this specific case we will do something the future :)
edit: open pr for support using keycloak config: -> https://github.com/keycloak/keycloak/pull/12843
edit 2: pr merged, firstclass support should be available from the next major version (19 i guess)