This widget could not be displayed.
This widget could not be displayed.
Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to parse Docker logs with multiple events from stacktrace?

lassemammen
Explorer
‎04-07-2016 08:29 AM

When using the Docker Splunk logging driver to send events into the http collector splunk logs individual logs like this: 

{"line":"the message","source":"stdout","tag":"container tag"}

Unfortunately, for stacktraces from tomcat/log4j, it will separate them into multiple log events per line for the stacktrace, bottom line first, like this:

{"line":"\tat java.lang.Thread.run(Thread.java:745)\r","source":"stdout","tag":"33f25cc98f0c"}
{"line":"\tat java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)\r","source":"stdout","tag":"33f25cc98f0c"}
{"line":"\tat java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)\r","source":"stdout","tag":"33f25cc98f0c"}

This makes is it nearly impossible to use. Does anybody know a way to either combine them in Splunk or get tomcat to spit them out in a single line?

Hope someone out there are able to help.

This widget could not be displayed.
This widget could not be displayed.
Reply

sloshburch
Ultra Champion
‎09-21-2016 02:17 PM

Adding a cross reference: https://answers.splunk.com/answers/453876/sourcetypes-with-docker-and-http-event-collector.html

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

onimishra
Explorer
‎06-30-2016 02:41 AM

I've finally found a way around the problem, at least for Splunk.

Note that with this solution, you'll not be able to use any of the added labels that the Splunk Log driver gives you. In my team, we got around this by including all the information within the log statement (through either the MDC or the logging configuration within the service in the container).

Instead of using the Splunk Log driver (which leaves little control about what to do), we used the Syslog driver. We configured the Syslog driver to send its data via UDP to a normal Splunk installation. Remember to setup Splunk to listen for data. This can be done in Settings -> Data Input -> UDP (under Local inputs) and then hit new. Set the port to 1514. If you are running your Splunk in a docker container, make a port binding that maps 514 to 1514 (as 514 is the standard syslog port). Create a new source type in the next screen, and name it something you can remember, as we need to configure it afterwards.
Now, when a log event occurs within your service container, it is logged to syslog which sends it to Splunk. It does however come out with the syslog data (date, tags etc) prepended to your log statement and each line is interpreted as its own event.

When the UDP input has been created, it is time to configure the source type. Go to Settings -> Source Types and search for the source type you've just created.
First, lets remove the syslog data from the log statement. In the Advanced section, click "new setting" at the bottom. Name it SEDCMD-01. This will run an SED command, which allows us to modify the input prior to indexing (based on rules described here). On my unix system the syslog data would look something like this

[{date} something=docker horse=horse]: Start my log statement

To remove this, I set the value of my SEDCMD-01 to "s/.+]: //g" without quotes. This takes everything that ends with ]: and removes it, and as that is what end out syslog statement, we now only have the pure log statement. This also means that any tags that is configured with the Syslog Driver is removed prior to indexing, so keep all the extra information you want within your core log statement.

All of my own log statement start with a date and time like "2016-06-30 08:15:30,423". I use this create an event break point. In the Event Breaks section of the source type, I put in "\d\d\d\d-\d\d-\d\d \d\d:\d\d:\d\d" without quotes in the pattern box. Doing so creates a BREAK_ONLY_BEFORE in my advanced section (so, the break will be before my date by standard). Note that this is not a line break, but event break. That means it will keep gathering data, until it reaches a new date.

In my experience (running Splunk in a docker container), I would have to restart the container in order for my changes to take effect. Otherwise, you should now be done!
I've attached below some images of my configuration in the source type, and of what a log statement looks like in my Search and Report.

I hope this helps. Please ask more questions if it doesn't, so that we can get more people to use docker and splunk together 🙂

Source Type

Log Statement

Preview file
59 KB
Preview file
235 KB
FreeMarker template error (HTML_DEBUG mode; use RETHROW in production!)

Template importing failed (for parameter value "theme-lib.common-functions.ftl"):
/home/lithium/customer/splunk2.prod/plugins.export/custom/splunk/splunk2/prod/res/macros/theme-lib.common-functions.ftl (No such file or directory)

----
FTL stack trace ("~" means nesting-related):
	- Failed at: #import "theme-lib.common-functions.f...  [in template "message-view.widget.product-snippet@override" at line 1, column 1]
----

Java stack trace (for programmers):
----
freemarker.core._MiscTemplateException: [... Exception message was already printed; see it above ...]
	at freemarker.core.LibraryLoad.accept(LibraryLoad.java:67)
	at freemarker.core.Environment.visit(Environment.java:326)
	at freemarker.core.Environment.visit(Environment.java:332)
	at freemarker.core.Environment.process(Environment.java:305)
	at freemarker.template.Template.process(Template.java:378)
	at lithium.customize.freemarker.FreeMarkerService.processTemplate(FreeMarkerService.java:95)
	at lithium.template.CustomTemplateFreeMarkerParser.parseInlineTemplateThrowException(CustomTemplateFreeMarkerParser.java:196)
	at lithium.template.CustomTemplateFreeMarkerParser.parseInlineTemplate(CustomTemplateFreeMarkerParser.java:225)
	at $CustomTemplateParser_a0d189800a1155.parseInlineTemplate(Unknown Source)
	at $CustomTemplateParser_a0d189800a0e40.parseInlineTemplate(Unknown Source)
	at lithium.web2.services.layout.CustomComponentTemplateRenderable.render(CustomComponentTemplateRenderable.java:85)
	at lithium.tapestry.services.components.CssClassRenderableDecorator$1.render(CssClassRenderableDecorator.java:64)
	at org.apache.tapestry5.internal.services.RenderQueueImpl.run(RenderQueueImpl.java:72)
	at lithium.tapestry.services.internal.InternalComponentRenderer.render(InternalComponentRenderer.java:124)
	at lithium.tapestry.services.internal.InternalComponentRenderer.render(InternalComponentRenderer.java:236)
	at $ComponentRenderer_a0d189800a0d1a.render(Unknown Source)
	at lithium.web2.services.layout.TemplateComponentDecoratorRenderer.execute(TemplateComponentDecoratorRenderer.java:66)
	at freemarker.core.Environment.visit(Environment.java:426)
	at freemarker.core.UnifiedCall.accept(UnifiedCall.java:101)
	at freemarker.core.Environment.visit(Environment.java:326)
	at freemarker.core.Environment.visit(Environment.java:332)
	at freemarker.core.Environment.process(Environment.java:305)
	at freemarker.template.Template.process(Template.java:378)
	at lithium.customize.freemarker.FreeMarkerService.processTemplate(FreeMarkerService.java:95)
	at lithium.template.CustomTemplateFreeMarkerParser.parseInlineTemplateThrowException(CustomTemplateFreeMarkerParser.java:196)
	at lithium.template.CustomTemplateFreeMarkerParser.parseInlineTemplate(CustomTemplateFreeMarkerParser.java:225)
	at $CustomTemplateParser_a0d189800a1155.parseInlineTemplate(Unknown Source)
	at $CustomTemplateParser_a0d189800a0e40.parseInlineTemplate(Unknown Source)
	at lithium.web2.services.layout.CustomComponentTemplateRenderable.render(CustomComponentTemplateRenderable.java:85)
	at lithium.tapestry.services.components.CssClassRenderableDecorator$1.render(CssClassRenderableDecorator.java:64)
	at org.apache.tapestry5.internal.services.RenderQueueImpl.run(RenderQueueImpl.java:72)
	at org.apache.tapestry5.internal.services.PageRenderQueueImpl.render(PageRenderQueueImpl.java:124)
	at $PageRenderQueue_a0d189800a1086.render(Unknown Source)
	at $PageRenderQueue_a0d189800a1085.render(Unknown Source)
	at org.apache.tapestry5.internal.services.MarkupRendererTerminator.renderMarkup(MarkupRendererTerminator.java:37)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$31.renderMarkup(TapestryModule.java:1993)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$30.renderMarkup(TapestryModule.java:1977)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRendererFilter_a0d189800a10e3.renderMarkup(Unknown Source)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTraceMarkupRendererFilter.renderMarkup(AbstractAppTraceMarkupRendererFilter.java:85)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$29.renderMarkup(TapestryModule.java:1959)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at lithium.web2.services.util.TapestryDefaultCssMarkupRenderer.renderMarkup(TapestryDefaultCssMarkupRenderer.java:59)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$27.renderMarkup(TapestryModule.java:1930)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$26.renderMarkup(TapestryModule.java:1912)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$25.renderMarkup(TapestryModule.java:1893)
	at $MarkupRenderer_a0d189800a10e5.renderMarkup(Unknown Source)
	at $MarkupRenderer_a0d189800a1084.renderMarkup(Unknown Source)
	at org.apache.tapestry5.internal.services.PageMarkupRendererImpl.renderPageMarkup(PageMarkupRendererImpl.java:47)
	at $PageMarkupRenderer_a0d189800a1077.renderPageMarkup(Unknown Source)
	at org.apache.tapestry5.internal.services.PageResponseRendererImpl.renderPageResponse(PageResponseRendererImpl.java:67)
	at $PageResponseRenderer_a0d189800a0d4c.renderPageResponse(Unknown Source)
	at org.apache.tapestry5.internal.services.PageRenderRequestHandlerImpl.handle(PageRenderRequestHandlerImpl.java:64)
	at lithium.web2.services.reporting.ReportingPageContextRequestFilter.handle(ReportingPageContextRequestFilter.java:71)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:62)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.delegate(AbstractAppTracePageRenderRequestFilter.java:39)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:143)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestFilter.handle(AbstractAppTracePageRenderRequestFilter.java:39)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$38.handle(TapestryModule.java:2221)
	at $PageRenderRequestHandler_a0d189800a0d4e.handle(Unknown Source)
	at lithium.studio.web.common.services.publish.PublishWorkflowPageRenderRequestHandler.handle(PublishWorkflowPageRenderRequestHandler.java:67)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.studio.web.common.services.StudioPublishPreviewPageRenderRequestHandlerDecorator.handle(StudioPublishPreviewPageRenderRequestHandlerDecorator.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.wireless.web.common.services.WirelessSupportPageRenderRequestHandlerDecorator.handle(WirelessSupportPageRenderRequestHandlerDecorator.java:84)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:49)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.delegate(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.tapestry.services.trace.AbstractAppTraceRequestHandler.handle(AbstractAppTraceRequestHandler.java:122)
	at lithium.tapestry.services.trace.AbstractAppTracePageRenderRequestHandler.handle(AbstractAppTracePageRenderRequestHandler.java:35)
	at lithium.web2.services.exceptions.ExceptionPageRenderRequestHandlerDecorator.handle(ExceptionPageRenderRequestHandlerDecorator.java:72)
	at lithium.lia.components.tapestry.services.page.CurrentPagePageRenderRequestHandlerDecorator.handle(CurrentPagePageRenderRequestHandlerDecorator.java:83)
	at $PageRenderRequestHandler_a0d189800a0d40.handle(Unknown Source)
	at org.apache.tapestry5.internal.services.ComponentRequestHandlerTerminator.handlePageRender(ComponentRequestHandlerTerminator.java:48)
	at org.apache.tapestry5.services.InitializeActivePageName.handlePageRender(InitializeActivePageName.java:47)
	at $ComponentRequestHandler_a0d189800a0d41.handlePageRender(Unknown Source)
	at $ComponentRequestHandler_a0d189800a0cf0.handlePageRender(Unknown Source)
	at org.apache.tapestry5.internal.services.PageRenderDispatcher.dispatch(PageRenderDispatcher.java:45)
	at $Dispatcher_a0d189800a0cf3.dispatch(Unknown Source)
	at $Dispatcher_a0d189800a0cce.dispatch(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$RequestHandlerTerminator.service(TapestryModule.java:302)
	at lithium.web2.services.feature.PageVersionRequestFilter.service(PageVersionRequestFilter.java:185)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at lithium.web2.services.search.SearchRequestFilter.service(SearchRequestFilter.java:95)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at lithium.web2.services.routes.RoutesFilter.service(RoutesFilter.java:109)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at lithium.web2.services.mobile.MobileRequestFilter.service(MobileRequestFilter.java:174)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at lithium.kudos.web.common.services.KudosRewriteFilter.service(KudosRewriteFilter.java:79)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at lithium.wireless.web.common.services.WirelessRequestFilter.service(WirelessRequestFilter.java:186)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at lithium.web2.services.seourl.SeoRequestFilter.service(SeoRequestFilter.java:80)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at org.apache.tapestry5.internal.services.RequestErrorFilter.service(RequestErrorFilter.java:26)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$3.service(TapestryModule.java:902)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$2.service(TapestryModule.java:892)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at org.apache.tapestry5.internal.services.StaticFilesFilter.service(StaticFilesFilter.java:90)
	at $RequestHandler_a0d189800a0ccf.service(Unknown Source)
	at $RequestHandler_a0d189800a0cb7.service(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$HttpServletRequestHandlerTerminator.service(TapestryModule.java:253)
	at lithium.appcreator.web.common.services.AppSelectorServletRequestFilter.service(AppSelectorServletRequestFilter.java:66)
	at $HttpServletRequestHandler_a0d189800a0cb8.service(Unknown Source)
	at org.apache.tapestry5.upload.internal.services.MultipartServletRequestFilter.service(MultipartServletRequestFilter.java:44)
	at $HttpServletRequestHandler_a0d189800a0cb8.service(Unknown Source)
	at org.apache.tapestry5.internal.services.IgnoredPathsFilter.service(IgnoredPathsFilter.java:62)
	at $HttpServletRequestFilter_a0d189800a0cb3.service(Unknown Source)
	at $HttpServletRequestHandler_a0d189800a0cb8.service(Unknown Source)
	at lithium.web2.services.request.LiaContextHttpServletRequestFilter.service(LiaContextHttpServletRequestFilter.java:64)
	at $HttpServletRequestHandler_a0d189800a0cb8.service(Unknown Source)
	at org.apache.tapestry5.services.TapestryModule$1.service(TapestryModule.java:852)
	at $HttpServletRequestHandler_a0d189800a0cb8.service(Unknown Source)
	at $HttpServletRequestHandler_a0d189800a0c3a.service(Unknown Source)
	at org.apache.tapestry5.TapestryFilter.doFilter(TapestryFilter.java:171)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.ContentSecurityPolicyHeaderFilter.doHttpFilter(ContentSecurityPolicyHeaderFilter.java:48)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.trace.AppTracedHttpFilter.doHttpFilter(AppTracedHttpFilter.java:112)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.HttpRequestContextFilter.doHttpFilter(HttpRequestContextFilter.java:77)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.MaskedIpFilter.doHttpFilter(MaskedIpFilter.java:84)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.HashedIpFilter.doHttpFilter(HashedIpFilter.java:166)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.boards.servlet.pagecache.AnonymousPageCacheManager.doHttpFilter(AnonymousPageCacheManager.java:139)
	at lithium.boards.servlet.pagecache.AnonymousPageCacheFilter.doHttpFilter(AnonymousPageCacheFilter.java:44)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.boards.servlet.pagecache.PageCacheManager.doHttpFilter(PageCacheManager.java:403)
	at lithium.boards.servlet.pagecache.PageCacheFilter.doHttpFilter(PageCacheFilter.java:40)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.trace.AppTracedHttpFilter.doHttpFilter(AppTracedHttpFilter.java:112)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.trace.AppTracedHttpFilter.doHttpFilter(AppTracedHttpFilter.java:112)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.traffic.visitor.VisitorFilter.doHttpFilter(VisitorFilter.java:48)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.trace.AppTracedHttpFilter.doHttpFilter(AppTracedHttpFilter.java:112)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.ratelimit.UserRateLimitFilter.doHttpFilter(UserRateLimitFilter.java:51)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.session.UserSessionFilter.doHttpFilter(UserSessionFilter.java:321)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.webui.http.filter.HystrixRequestContextFilter.doHttpFilter(HystrixRequestContextFilter.java:47)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.MultipartRequestHttpFilter.doHttpFilter(MultipartRequestHttpFilter.java:46)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.MimeFilter.doHttpFilter(MimeFilter.java:37)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.limit.StandardLimitPool.processRequest(StandardLimitPool.java:895)
	at lithium.servlet.limit.StandardLimitManager.processRequest(StandardLimitManager.java:192)
	at lithium.servlet.limit.LimitFilter.doHttpFilter(LimitFilter.java:71)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.RequestTransformFilter.doHttpFilter(RequestTransformFilter.java:72)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.trace.AppTracedHttpFilter.doHttpFilter(AppTracedHttpFilter.java:112)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.SetHeaderValidationFilter.doHttpFilter(SetHeaderValidationFilter.java:52)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.SessionIdStripperFilter.doHttpFilter(SessionIdStripperFilter.java:44)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.trace.AppTracedHttpFilter.doHttpFilter(AppTracedHttpFilter.java:112)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.redirect.SeoRedirectFilter.doHttpFilter(SeoRedirectFilter.java:72)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.metric.OTelWebVitalsFilter.doHttpFilter(OTelWebVitalsFilter.java:93)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.trace.OpenTelemetryAppTraceProvider.wrapServletRequest(OpenTelemetryAppTraceProvider.java:690)
	at lithium.trace.IsEnabledOpenTelemetryAppTraceProviderDecorator.wrapServletRequest(IsEnabledOpenTelemetryAppTraceProviderDecorator.java:209)
	at lithium.trace.StandardAppTraceManager.wrapServletRequest(StandardAppTraceManager.java:434)
	at lithium.trace.AppTraceFilter.doHttpFilter(AppTraceFilter.java:58)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.session.ReplicatedSessionFilter.doFilter(ReplicatedSessionFilter.java:57)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.rewrite.RewriteFilter.doHttpFilter(RewriteFilter.java:393)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.FacebookSignedRequestFilter.doHttpFilter(FacebookSignedRequestFilter.java:134)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.BlackboxFilter.doHttpFilter(BlackboxFilter.java:93)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.OperationsLoggingFilter.doHttpFilter(OperationsLoggingFilter.java:117)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.tracking.MailLinksTrackingFilter.doHttpFilter(MailLinksTrackingFilter.java:106)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.tracking.TrackingManager.doHttpFilter(TrackingManager.java:255)
	at lithium.servlet.tracking.TrackingFilter.doHttpFilter(TrackingFilter.java:25)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.boards.servlet.ClearStateFilter.doHttpFilter(ClearStateFilter.java:69)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.util.http.GenericFilter.doHttpFilter(GenericFilter.java:21)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.NotSecureSessionCookieFilter.doHttpFilter(NotSecureSessionCookieFilter.java:80)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.AccessCheckFilter.doHttpFilter(AccessCheckFilter.java:110)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.util.servlet.P3PHeaderFilter.doHttpFilter(P3PHeaderFilter.java:79)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.VanityHostnameRedirectFilter.doHttpFilter(VanityHostnameRedirectFilter.java:125)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.CanonicalIpFilter.doHttpFilter(CanonicalIpFilter.java:50)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.ForwardedHeadersFilter.doHttpFilter(ForwardedHeadersFilter.java:287)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.funnel.FunnelManager.doHttpFilter(FunnelManager.java:74)
	at lithium.servlet.funnel.FunnelFilter.doHttpFilter(FunnelFilter.java:41)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at lithium.util.http.DelegatingApplicationFilterProxy.doFilter(DelegatingApplicationFilterProxy.java:184)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.apps.main.container.filters.ApplicationSelectorFilter.doHttpFilter(ApplicationSelectorFilter.java:186)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.PutTomcatRequestinAttributeFilter.doFilter(PutTomcatRequestinAttributeFilter.java:60)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:57)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at lithium.servlet.ThreadNameFilter.doHttpFilter(ThreadNameFilter.java:49)
	at lithium.util.http.HttpFilter.doFilter(HttpFilter.java:44)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:492)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:165)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
	at lithium.apps.main.webserver.Tomcat70Bootstrap$2.invoke(Tomcat70Bootstrap.java:383)
	at lithium.apps.main.webserver.Tomcat70Bootstrap$1.invoke(Tomcat70Bootstrap.java:336)
	at lithium.apps.main.webserver.SessionIdValidator.invoke(SessionIdValidator.java:107)
	at lithium.apps.main.webserver.ApplicationWebserverConfigurationValve.invoke(ApplicationWebserverConfigurationValve.java:69)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:452)
	at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:190)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:654)
	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:317)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:750)
Caused by: java.io.FileNotFoundException: /home/lithium/customer/splunk2.prod/plugins.export/custom/splunk/splunk2/prod/res/macros/theme-lib.common-functions.ftl (No such file or directory)
	at java.io.FileInputStream.open0(Native Method)
	at java.io.FileInputStream.open(FileInputStream.java:195)
	at java.io.FileInputStream.<init>(FileInputStream.java:138)
	at java.io.FileInputStream.<init>(FileInputStream.java:93)
	at sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90)
	at sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188)
	at freemarker.cache.URLTemplateSource.close(URLTemplateSource.java:126)
	at freemarker.cache.URLTemplateLoader.closeTemplateSource(URLTemplateLoader.java:60)
	at freemarker.cache.MultiTemplateLoader$MultiSource.close(MultiTemplateLoader.java:147)
	at freemarker.cache.MultiTemplateLoader.closeTemplateSource(MultiTemplateLoader.java:107)
	at freemarker.cache.TemplateCache.getTemplateInternal(TemplateCache.java:459)
	at freemarker.cache.TemplateCache.getTemplate(TemplateCache.java:292)
	at freemarker.template.Configuration.getTemplate(Configuration.java:2518)
	at freemarker.core.Environment.getTemplateForInclusion(Environment.java:2466)
	at freemarker.core.Environment.getTemplateForInclusion(Environment.java:2428)
	at freemarker.core.Environment.getTemplateForImporting(Environment.java:2587)
	at freemarker.core.Environment.importLib(Environment.java:2572)
	at freemarker.core.Environment.importLib(Environment.java:2539)
	at freemarker.core.LibraryLoad.accept(LibraryLoad.java:65)
	... 460 more
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
Reply

mahendra5
New Member
‎07-13-2017 04:30 PM

@onimishra that is well explained and working great as far as rsyslog timestamp is not using milliseconds.
we introduced milliseconds in rsyslog and now the stacktraces are not aggregated as it does without miliseconds.

Using Docker syslog logging driver:

Case1: stack traces are captured well on splunk
rsyslog.conf/docker logs time stamp Format is -- > Jul 13 17:03:59

Case2: stack traces are again broken when
rsyslog.conf/docker logs time stamp Format is -- > 2017-07-13 19:02:49.549

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

nickperry
Explorer
‎06-30-2016 12:32 PM

I downvoted this post because just the wrong way to approach the problem in my opinion, at least in the case that you control the application code. i guess there may be some merit to this syslog approach in a siloed environment.

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

onimishra
Explorer
‎07-01-2016 02:12 AM

What application code are you referring to here - my service within my docker container, docker or splunk? I have made no changes to my own application code to get this to work and it is only the syslog from inside the docker container that is forwarded to the splunk server. If you have concerns about other applications or services sending data to port 514 on the splunk server, then bind it to something else and have the syslog driver send it to the new port.
Within your application you have access to the container id which you could put into the MDC during startup, in order to tell your instances from one another in the log.
If you want to centralise the splunk server, have a forwarder run on each machine that collects the data. See this for link for more on that approach. It is what my solution is based on.
http://blogs.splunk.com/2015/08/24/collecting-docker-logs-and-stats-with-splunk/

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

lassemammen
Explorer
‎07-01-2016 02:35 AM

@onimishra There is definitely something to be said for not changing application code for specialised logging. My proposed change would render output virtually unusable for developers - could be solved by multiple loggers. Your approach is neat because it avoids containers going down or failing to start if Splunk is down or being upgraded (see https://github.com/docker/docker/issues/21966)

However, if you want to ensure log output is going to splunk UDP/syslog wouldn't fulfil this requirement (no ack). So as anything I would say it depends on your priorities and requirements. We have splunkforwarders running on each docker host and sending docker logs directly into them, so I would prefer modifying the code and using the HTTP event collector.

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

lassemammen
Explorer
‎06-30-2016 02:09 AM

Cheers @nickperry, that's exactly what I've done now. For anybody interested, it seems the easiest way with log4j is to implement your own ThrowableRenderer, this is what we're using now:

package com.mypackage;

import org.apache.log4j.EnhancedThrowableRenderer;
import org.apache.log4j.spi.ThrowableRenderer;

public class CustomThrowableRenderer implements ThrowableRenderer {

    EnhancedThrowableRenderer renderer = new EnhancedThrowableRenderer();

    @Override
    public String[] doRender(Throwable t) {
        String[] output = new String[1];

        for (String line : renderer.doRender(t)) {
            output[0] += line.replace("\n", "") + "\\n";
        }

        return output;
    }
}

and add it to log4j custom as log4j.throwableRenderer=com.mypackage.CustomThrowableRenderer. Should be possible then to get splunk to interpret '\n' as a newline.

This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
Reply

kjoyner
Engager
‎07-29-2016 04:21 PM

Can you expand on "Should be possible then to get splunk to interpret '\n' as a newline". I was able to get the stacktraces to splunk with the '/n' in the output. However, Splunk is just showing me the logs with '/n' as a character in the line, not treating it as a newline. Makes reading the stacktraces difficult. Is there a trick to get splunk to interpret the '/n' as a newline.

This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
Reply

onimishra
Explorer
‎06-30-2016 03:17 AM

Well, if the interest is in the "line", I personally find it annoying that it is wrapped within a json object, instead of just outputting the line, when I make my searches.

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

lassemammen
Explorer
‎06-30-2016 03:26 AM

Just use | spath path=line output=_raw in your searches

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

onimishra
Explorer
‎06-30-2016 03:30 AM

But the indexer is unable to do that, and parse only the "line" segment, right?

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

lassemammen
Explorer
‎06-30-2016 03:35 AM

Not sure what you're asking but if you mean field extractions that works fine for me by adding | extract to the query after the previously mentioned spath

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

nickperry
Explorer
‎06-30-2016 02:50 AM

Cool. Thanks for the code. We have some applications that should benefit from this. Will try it shortly.

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

onimishra
Explorer
‎06-30-2016 02:48 AM

How do you feel about the Search and Report statements being wrapped in JSON? (read this in a scientifically interested tone, not a judging one 😉 )

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

nickperry
Explorer
‎06-30-2016 02:52 AM

Can you clarify what you mean?

This widget could not be displayed.
0 Karma
This widget could not be displayed.
This widget could not be displayed.
Reply

nickperry
Explorer
‎06-29-2016 08:51 AM

Whichever Docker log driver you use you'll face the same issue. Docker treats each line flushed to stdout / stderror as a separate event. This is perfectly reasonable behavior as it cannot know what constitutes the start and end of a multi-line log event.

I came to the conclusion the easiest way to address this was at source. Alter your log4j layout to escape the newlines in stack traces.

This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
Reply

tgotzsche
Engager
‎06-27-2016 11:13 PM

Splunk-guys - you really need to answer this....we have the same issue and are just about to purchase a Splunk Ent. license. But this is a show stopper for sure.....

This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
Reply
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
This widget could not be displayed.
Get Updates on the Splunk Community!

Data Management Digest – December 2025

This widget could not be displayed.

Index This | What is broken 80% of the time by February?

This widget could not be displayed.

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

This widget could not be displayed.
This widget could not be displayed.