CD
Cloudflare Developers•2y ago
ra

Workers_Trace_events and Logpush via HTTP

Following the docs, I'm using the following command to enable logpush: 
curl -s -X POST 'https://api.cloudflare.com/client/v4/accounts/<my-account>/logpush/jobs' -X POST -d '
{
  "name": "canopy-api-logpush",
  "output_options": {
    "field_names": ["Event", "EventTimestampMs", "Outcome", "Exceptions", "Logs", "ScriptName"],
    "timestamp_format": "rfc3339",
    "sample_rate": 1.0
  },
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_content-type=application%2Fjson",
  "max_upload_bytes": 5000000,
  "max_upload_records": 1000,
  "dataset": "workers_trace_events",
  "enabled": true
}' -H "X-Auth-Email: <my-email>" -H "X-Auth-Key: <my-auth-key>"
curl -s -X POST 'https://api.cloudflare.com/client/v4/accounts/<my-account>/logpush/jobs' -X POST -d '
{
  "name": "canopy-api-logpush",
  "output_options": {
    "field_names": ["Event", "EventTimestampMs", "Outcome", "Exceptions", "Logs", "ScriptName"],
    "timestamp_format": "rfc3339",
    "sample_rate": 1.0
  },
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_content-type=application%2Fjson",
  "max_upload_bytes": 5000000,
  "max_upload_records": 1000,
  "dataset": "workers_trace_events",
  "enabled": true
}' -H "X-Auth-Email: <my-email>" -H "X-Auth-Key: <my-auth-key>"
When executing the following command, I'm getting the following error: {"errors":[{"code":1002,"message":"error parsing input: invalid JSON syntax"}],"messages":[],"result":null,"success":false} It doesn't appear to be anything wrong with my input (chat gpt agrees 😆 )
16 Replies
ra
raOP•2y ago
Can anyone help with the above?
Chaika
Chaika•2y ago
Looks like it's the newline after the end of your destination_conf and the string ending i.e 
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_content-type=application%2Fjson
",
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_content-type=application%2Fjson
",
Should be 
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_content-type=application%2Fjson",
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_content-type=application%2Fjson",
btw you can use the dashboard to set up Trace events logpush jobs as well, Account level Analytics & Logs -> Logs, Magic Link: https://dash.cloudflare.com/?to=/:account/logs
ra
raOP•2y ago
The above still doesn't fix the issue. I receive the following: {"errors":[{"code":1002,"message":"error validating destination: error writing object: error uploading to https: 406 Couldn't parse JSON content. - Error(\"expected value\", line: 1, column: 1)"}],"messages":[],"result":null,"success":false} I don't think you can setup trace event logpush in the dashboard for http
Chaika
Chaika•2y ago
Ahh yea you can't Well, one step further. It looks like CF is fine with the config now, but your configured http endpoint, logtail, is respnding with http 406 / Couldn't parse JSON content. - Error("expected value", line: 1, column: 1)"
ra
raOP•2y ago
Interesting, thanks for the info. The following command works on my endpoint: 
curl -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer <my-token>' \
-d '{"dt":"'"$(date -u +'%Y-%m-%d %T UTC')"'","message":"Hello from Logtail!"}' \
-k \
https://in.logtail.com
curl -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer <my-token>' \
-d '{"dt":"'"$(date -u +'%Y-%m-%d %T UTC')"'","message":"Hello from Logtail!"}' \
-k \
https://in.logtail.com
Chaika
Chaika•2y ago
hmm, it looks like the first event it sends is just 
{\"content\":\"test\"}
{\"content\":\"test\"}
ra
raOP•2y ago
Updated command is as follows: 
curl -s -X POST 'https://api.cloudflare.com/client/v4/accounts/<my-account>/logpush/jobs' -X POST -d '
{
  "name": "my-app-name",
  "output_options": {
    "field_names": ["Event", "EventTimestampMs", "Outcome", "Exceptions", "Logs", "ScriptName"],
    "timestamp_format": "rfc3339"
  },
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_Content-Type=application%2Fjson",
  "max_upload_bytes": 5000000,
  "max_upload_records": 1000,
  "dataset": "workers_trace_events",
  "enabled": true
}' -H "X-Auth-Email: <my-email>" -H "X-Auth-Key: <my-key>"
curl -s -X POST 'https://api.cloudflare.com/client/v4/accounts/<my-account>/logpush/jobs' -X POST -d '
{
  "name": "my-app-name",
  "output_options": {
    "field_names": ["Event", "EventTimestampMs", "Outcome", "Exceptions", "Logs", "ScriptName"],
    "timestamp_format": "rfc3339"
  },
  "destination_conf": "https://in.logtail.com?header_Authorization=Bearer%20<my-token>&header_Content-Type=application%2Fjson",
  "max_upload_bytes": 5000000,
  "max_upload_records": 1000,
  "dataset": "workers_trace_events",
  "enabled": true
}' -H "X-Auth-Email: <my-email>" -H "X-Auth-Key: <my-key>"
I wonder if it's something with header_Content-Type=application%2Fjson using some webhook testing tools show that the content-type header is coming through okay, so I'm stumped The raw content looks like the following though: ? n????{"content":"test"}?????] it looks like that's the problem ^
Chaika
Chaika•2y ago
Probably.. that's weird though. I use logpush with Datadog and no issues, not sure what kind of characters those are
ra
raOP•2y ago
Yeah, I just changed the url to webhook.site to test this out
ra
raOP•2y ago
Here's a screenshot:
ra
raOP•2y ago
Tried another tool and I see the same, and also an indication that "the request is not valid json"
Chaika
Chaika•2y ago
Looks like it's \u001f Unicode Character 'INFORMATION SEPARATOR ONE' (U+001F) (at least, the first character is)
ra
raOP•2y ago
Seems like a logpush bug, no?
Chaika
Chaika•2y ago
ahhhh it's because they're sent gzip content-encoding, you have to decompress them first https://discord.com/channels/595317990191398933/1041788765783474216/1044660891817349202 Someone build a CF Worker to handle this already: https://discord.com/channels/595317990191398933/1041788765783474216/1045370046622474281
ra
raOP•2y ago
Got it, thanks for the help! Hopefully there is an output_options to prevent this, but if not I will create a proxy. Really appreciate it!
Chaika
Chaika•2y ago
Doesn't look like there is as far as I can see. But yea, you could just use the CF Worker DSA Made with some minor to forward to Logtail instead. If you need help with that let me know, I was able to get it working.
Want results from more Discord servers?
Add your server