telegraf: Telegraf crashes with an exception for inputs.win_eventlog
Relevant telegraf.conf
[global_tags]
[agent]
interval = "10s"
round_interval = true
metric_batch_size = 1000
metric_buffer_limit = 10000
collection_jitter = "0s"
flush_interval = "10s"
flush_jitter = "0s"
precision = "0s"
hostname = ""
omit_hostname = false
[[outputs.loki]]
domain = "http://srv-loki-01.example.org:3100"
endpoint = "/loki/api/v1/push"
[[inputs.win_eventlog]]
xpath_query = '''
<QueryList>
<Query Id="0" Path="Application">
<Select Path="Application">*</Select>
</Query>
<Query Id="1" Path="System">
<Select Path="System">*</Select>
</Query>
<Query Id="2" Path="ForwardedEvents">
<Select Path="ForwardedEvents">*</Select>
</Query>
</QueryList>
'''
event_tags = ["Source", "EventID", "Channel", "Computer"]
Logs from Telegraf
"C:\Program Files\InfluxData\telegraf\telegraf.exe" --config "C:\Program Files\InfluxData\telegraf\telegraf.conf" --debug
2022-12-05T09:36:43Z I! Starting Telegraf 1.24.4
2022-12-05T09:36:43Z I! Available plugins: 205 inputs, 9 aggregators, 26 processors, 20 parsers, 57 outputs
2022-12-05T09:36:43Z I! Loaded inputs: win_eventlog
2022-12-05T09:36:43Z I! Loaded aggregators:
2022-12-05T09:36:43Z I! Loaded processors:
2022-12-05T09:36:43Z I! Loaded outputs: loki
2022-12-05T09:36:43Z I! Tags enabled: host=SRV-EVENT-01
2022-12-05T09:36:43Z I! [agent] Config: Interval:10s, Quiet:false, Hostname:"SRV-EVENT-01", Flush Interval:10s
2022-12-05T09:36:43Z D! [agent] Initializing plugins
2022-12-05T09:36:43Z D! [agent] Connecting outputs
2022-12-05T09:36:43Z D! [agent] Attempting connection to [outputs.loki]
2022-12-05T09:36:43Z D! [agent] Successfully connected to outputs.loki
2022-12-05T09:36:43Z D! [agent] Starting service inputs
2022-12-05T09:36:50Z D! [inputs.win_eventlog] Subscription handle id:1
2022-12-05T09:36:53Z D! [outputs.loki] Buffer fullness: 0 / 10000 metrics
2022-12-05T09:37:00Z D! [inputs.win_eventlog] Subscription handle id:1
2022-12-05T09:37:03Z D! [outputs.loki] Buffer fullness: 0 / 10000 metrics
2022-12-05T09:37:10Z D! [inputs.win_eventlog] Subscription handle id:1
Exception 0xc0000005 0x1 0x0 0x7ffaa94ee254
PC=0x7ffaa94ee254
runtime.cgocall(0x601d60, 0xc0001006c0)
/usr/local/go/src/runtime/cgocall.go:158 +0x4a fp=0xc000663210 sp=0xc0006631d8 pc=0x59494a
syscall.SyscallN(0xc000c31f00?, {0xc0006632a8?, 0xb902aa?, 0xc00087a108?})
/usr/local/go/src/runtime/syscall_windows.go:557 +0x109 fp=0xc000663288 sp=0xc000663210 pc=0x5fcd09
syscall.Syscall9(0x0?, 0xc00065a060?, 0x0?, 0x0?, 0x0?, 0x0?, 0xc0006633b8?, 0x3347292?, 0x2000000073?, 0x0, ...)
/usr/local/go/src/runtime/syscall_windows.go:507 +0x78 fp=0xc000663300 sp=0xc000663288 pc=0x5fca18
github.com/influxdata/telegraf/plugins/inputs/win_eventlog._EvtFormatMessage(0x0?, 0xc000491980?, 0x0, 0x0, 0xc00065a060?, 0x5, 0x0, 0x334673d?, 0xc0006400d8?)
/go/src/github.com/influxdata/telegraf/plugins/inputs/win_eventlog/zsyscall_windows.go:130 +0xe5 fp=0xc000663398 sp=0xc000663300 pc=0x3347125
github.com/influxdata/telegraf/plugins/inputs/win_eventlog.formatEventString(0x5, 0xc0006400d8?, 0x800?)
/go/src/github.com/influxdata/telegraf/plugins/inputs/win_eventlog/win_eventlog.go:385 +0x4a fp=0xc000663408 sp=0xc000663398 pc=0x334654a
github.com/influxdata/telegraf/plugins/inputs/win_eventlog.(*WinEventLog).renderEvent(_, _)
/go/src/github.com/influxdata/telegraf/plugins/inputs/win_eventlog/win_eventlog.go:351 +0x19d fp=0xc000663528 sp=0xc000663408 pc=0x3345ffd
github.com/influxdata/telegraf/plugins/inputs/win_eventlog.(*WinEventLog).fetchEvents(0x0?, 0xc000c300e0?)
/go/src/github.com/influxdata/telegraf/plugins/inputs/win_eventlog/win_eventlog.go:306 +0xe5 fp=0xc000663948 sp=0xc000663528 pc=0x3345be5
github.com/influxdata/telegraf/plugins/inputs/win_eventlog.(*WinEventLog).Gather(0xc000b4e2a0, {0x67523c0, 0xc0002a0c40})
/go/src/github.com/influxdata/telegraf/plugins/inputs/win_eventlog/win_eventlog.go:71 +0x185 fp=0xc000663f50 sp=0xc000663948 pc=0x33439c5
github.com/influxdata/telegraf/models.(*RunningInput).Gather(0xc00013a410, {0x67523c0, 0xc0002a0c40})
/go/src/github.com/influxdata/telegraf/models/running_input.go:118 +0x5a fp=0xc000663fa0 sp=0xc000663f50 pc=0x9b3c9a
github.com/influxdata/telegraf/agent.(*Agent).gatherOnce.func1()
/go/src/github.com/influxdata/telegraf/agent/agent.go:485 +0x2e fp=0xc000663fe0 sp=0xc000663fa0 pc=0x49eee0e
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:1594 +0x1 fp=0xc000663fe8 sp=0xc000663fe0 pc=0x600441
created by github.com/influxdata/telegraf/agent.(*Agent).gatherOnce
/go/src/github.com/influxdata/telegraf/agent/agent.go:484 +0x12a
System info
Telegraf 1.24.4, Windows Server 2022
Docker
No response
Steps to reproduce
Expected behavior
Actual behavior
Additional info
No response
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 47 (16 by maintainers)
Absolutely.
@srebhan , I’ll test today using the original version and #12375. Thanks
@srebhan , yes I can give this a try and provide the results. Thank you!
@srebhan , thank you for digging into this!