Is it possible to have Postfix mark debug_peer_list messages as "debug" syslog severity?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Is it possible to have Postfix mark debug_peer_list messages as "debug" syslog severity?

deoren
I'm trying to troubleshoot some occasional HAProxy health check
failures. HAProxy logs the health check failures and Postfix logs "lost
connection after RCPT" messages without a whole lot of other detail. I
learned Postfix's debug_peer_list and debug_peer_level options and have
added the IP Address used by HAProxy to the debug_peer_list setting.

I see that no matter the debug_peer_level chosen, this increases the log
levels significantly. This is good, as I'm hoping to use this additional
detail to help pin down the root cause for the occasional failures, but
it appears that these more verbose messages are still being logged at
"informational" level.

Is there an option somewhere to change that, so that all messages logged
as as a result of the debug_peer_* options are set at debug syslog level
instead?

Because the health check failures are infrequent and hard to pin down,
I'd like to leave the debug logging active for a while, but filter on
mail facility and debug level so that the debug messages are saved
locally instead of being passed into our logging infrastructure (where
they eventually make it into a Graylog instance).

If I use the syslog_name setting I could then filter on that, but I'm
passing mail from HAProxy on the same port/transport, which I assume
would result in all log messages for mail passed in on that transport
being logged only to the local system.

Thank you in advance for reading this and for any advice you may have!
Reply | Threaded
Open this post in threaded view
|

Re: Is it possible to have Postfix mark debug_peer_list messages as "debug" syslog severity?

Viktor Dukhovni


> On Mar 25, 2018, at 11:59 PM, deoren <[hidden email]> wrote:
>
> Is there an option somewhere to change that, so that all messages logged as as a result of the debug_peer_* options are set at debug syslog level instead?

No.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: Is it possible to have Postfix mark debug_peer_list messages as "debug" syslog severity?

deoren
On 3/26/2018 12:18 AM, Viktor Dukhovni wrote:
>
>
>> On Mar 25, 2018, at 11:59 PM, deoren <[hidden email]> wrote:
>>
>> Is there an option somewhere to change that, so that all messages logged as as a result of the debug_peer_* options are set at debug syslog level instead?
>
> No.
>

Thank you for the definitive answer.
Reply | Threaded
Open this post in threaded view
|

Re: Is it possible to have Postfix mark debug_peer_list messages as "debug" syslog severity?

Wietse Venema
In reply to this post by Viktor Dukhovni
Viktor Dukhovni:
>
>
> > On Mar 25, 2018, at 11:59 PM, deoren <[hidden email]> wrote:
> >
> > Is there an option somewhere to change that, so that all messages logged as as a result of the debug_peer_* options are set at debug syslog level instead?
>
> No.

Do not turn on debug_peer_* logging for routine usage.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Is it possible to have Postfix mark debug_peer_list messages as "debug" syslog severity?

deoren
On 3/26/2018 6:02 AM, Wietse Venema wrote:

> Viktor Dukhovni:
>>
>>
>>> On Mar 25, 2018, at 11:59 PM, deoren <[hidden email]> wrote:
>>>
>>> Is there an option somewhere to change that, so that all messages logged as as a result of the debug_peer_* options are set at debug syslog level instead?
>>
>> No.
>
> Do not turn on debug_peer_* logging for routine usage.
>
> Wietse
>

Hi Wietse,

Thank you for the reply.

I understand that it's not a good idea to use it for routine usage, but
I'm trying to debug a sporadic health check failure that tends to occur
(when it does happen) during very early morning hours. The first failure
usually occurs (+/- 15 minutes or so) around 2:30 am, again around 3:30
am and finally around 4:30 am before things settle out. This occurs
across all three backend relay nodes, usually one or two nodes at a time
(though it has occurred simultaneously against all of them on a few
occasions).

I'm hoping with the verbose details being logged that I can expose the
root cause for final resolution when this happens again. At that point I
plan to disable the use of the debug_peer_* options.

In the meantime (while I wait for it to happen again), this just means
that I'll need to use another means of filtering than the syslog
severity level in order to keep those messages from going into log
destinations that are not really equipped to handle the load. I have
setup a rsyslog filter that matches against the syslog_name value and
it's working well enough for now, though unfortunately the match does
catch some messages that I previously allowed on through to the
downstream nodes (including Graylog).

It would be nice though if there was an option to enable a specific
syslog severity level or messages generated as a result of using the
debug_peer_* options.

Do you accept feature requests here on the list or through another means?

Thank you for your time.
Reply | Threaded
Open this post in threaded view
|

Re: Is it possible to have Postfix mark debug_peer_list messages as "debug" syslog severity?

Wietse Venema
deoren:
> It would be nice though if there was an option to enable a specific
> syslog severity level or messages generated as a result of using the
> debug_peer_* options.
>
> Do you accept feature requests here on the list or through another means?

There is no shortage of 'nice-to-have' things, but there is a
shortage of development cycles. The cycles are prioritized towards
projects that benefit many users.

As for trouble shooting this specific case, I suggest setting up a
cron job that sends an email every 5 minutes until you can narrow
down the time range. Putting the date in the subject may help.

        Wietse