We are receiving - SystemCallError error="The interface is unknown. - OpenEventLog inside Windows Container #71
Description
Hi,
Our block of configuration is triggering an error message that we cannot overcome. Can you please advise what is going wrong? We get the same with the version 2 of the plugin.
We are running fluentd on Windows as a container (AWS EKS Windows nodeS).
Regards,
Dejan
__
Error message when invoking the fluentd config for windows_eventlogor windows_eventlog2:
2020-11-30 08:03:36 +0000 [info]: starting fluentd-1.11.5 pid=6996 ruby="2.6.5"
2020-11-30 08:03:36 +0000 [info]: spawn command to main: cmdline=["C:/ruby26/bin/ruby.exe", "-Eascii-8bit:ascii-8bit", "C:/ruby26/bin/fluentd", "-c", "C:\\fluent\\conf\\fluent.conf", "--under-supervisor"]
2020-11-30 08:03:46 +0000 [info]: adding match pattern="@FLUENT_LOG" type="null"
2020-11-30 08:03:47 +0000 [info]: adding filter pattern="@FLUENT_LOG" type="record_transformer"
2020-11-30 08:03:47 +0000 [info]: adding match pattern="@FLUENT_LOG" type="elasticsearch_dynamic"
2020-11-30 08:03:49 +0000 [info]: adding source type="windows_eventlog"
2020-11-30 08:03:49 +0000 [warn]: #0 in_windows_eventlog is deprecated. It will be removed in the future version.
2020-11-30 08:03:49 +0000 [info]: #0 starting fluentd worker pid=1632 ppid=6996 worker=0
2020-11-30 08:03:49 +0000 [error]: #0 unexpected error error_class=SystemCallError error="The interface is unknown. - OpenEventLog"
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/win32-eventlog-0.6.7/lib/win32/eventlog.rb:112:in `initialize'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluent-plugin-windows-eventlog-0.8.0/lib/fluent/plugin/in_windows_eventlog.rb:113:in `new'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluent-plugin-windows-eventlog-0.8.0/lib/fluent/plugin/in_windows_eventlog.rb:113:in `block in start'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluent-plugin-windows-eventlog-0.8.0/lib/fluent/plugin/in_windows_eventlog.rb:110:in `each'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluent-plugin-windows-eventlog-0.8.0/lib/fluent/plugin/in_windows_eventlog.rb:110:in `start'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/root_agent.rb:200:in `block in start'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/root_agent.rb:189:in `block (2 levels) in lifecycle'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/root_agent.rb:188:in `each'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/root_agent.rb:188:in `block in lifecycle'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/root_agent.rb:175:in `each'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/root_agent.rb:175:in `lifecycle'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/root_agent.rb:199:in `start'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/engine.rb:248:in `start'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/engine.rb:147:in `run'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/supervisor.rb:607:in `block in run_worker'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/supervisor.rb:845:in `main_process'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/supervisor.rb:598:in `run_worker'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/lib/fluent/command/fluentd.rb:361:in `<top (required)>'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/2.6.0/rubygems/core_ext/kernel_require.rb:54:in `require'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/lib/ruby/gems/2.6.0/gems/fluentd-1.11.5-x64-mingw32/bin/fluentd:8:in `<top (required)>'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/bin/fluentd:23:in `load'
2020-11-30 08:03:49 +0000 [error]: #0 C:/ruby26/bin/fluentd:23:in `<main>'
2020-11-30 08:03:49 +0000 [error]: #0 unexpected error error_class=SystemCallError error="The interface is unknown. - OpenEventLog"
2020-11-30 08:03:49 +0000 [error]: #0 suppressed same stacktrace
2020-11-30 08:03:49 +0000 [info]: Worker 0 finished unexpectedly with status 1
Here is our fluentd config:
<match @FLUENT_LOG>
@type null
</match>
<source>
@type windows_eventlog
channels application,system
read_interval 2
tag winevt.raw
<storage>
@type local # @type local is the default.
persistent true # default is true. Set to false to use in-memory storage.
path /var/log/fluentd-buffers # This is required when persistent is true.
# Or, please consider using <system> section's `root_dir` parameter.
</storage>
</source>
<filter @FLUENT_LOG>
@type record_transformer
@id filter_containers_stream_transformer
<record>
stream_name ${tag_parts[4]}
</record>
</filter>