Configure vault agent to log to stdout?

joelezellLP · July 14, 2022, 6:37pm

Hi, we’re running into a problem with the Vault Agent when using GCP Logs (Stackdriver) to collect logs from our GKE pods. GCP shows all logs (even DEBUG level) as an ERROR level log. Per this bug, it looks like this is because the agent sends all logs to stderr instead of stdout. The discussion in the bug also indicates that this may be configurable. Does anybody know if there’s a way to change this (rather odd) behavior so that the agent logs to stdout instead of stderr?

github.com/hashicorp/vault

Vault agent - regular INFO logs sent to stderr instead of stdout

opened 01:04PM - 16 Sep 19 UTC

closed 10:17PM - 02 Dec 19 UTC

Constantin07

enhancement waiting-for-response core/log

**Describe the bug** When running vault in agent mode - the informational log… messages are sent to `stderr` stream instead of `stdout`. Then shipping these logs from vault containers into SumoLogic creates a mess when trying to filter/capture errors of vault agent and other services in a Pod. I don't understand why informational logs are sent to stderr. [INFO] - is not an error. **To Reproduce** Steps to reproduce the behavior: 1. Run `vault agent -config /etc/vault/agent.hcl` 2. The output pushed to `stderr` is: ``` ==> Vault server started! Log data will stream in below: ==> Vault agent configuration: Api Address 1: http://127.0.0.1:8200 Cgo: disabled Log Level: info Version: Vault v1.1.5 Version Sha: f08b88029d959e1318746b188fecaad54468230b 2019-09-16T11:09:30.949Z [INFO] auth.handler: starting auth handler 2019-09-16T11:09:30.949Z [INFO] auth.handler: authenticating 2019-09-16T11:09:30.949Z [INFO] sink.server: starting sink server 2019-09-16T11:09:31.083Z [INFO] auth.handler: authentication successful, sending token to sinks 2019-09-16T11:09:31.083Z [INFO] auth.handler: starting renewal process 2019-09-16T11:09:31.103Z [INFO] auth.handler: renewed auth token 2019-09-16T11:09:31.223Z [INFO] cache: received request: method=GET path=/ 2019-09-16T11:09:31.228Z [INFO] cache.apiproxy: forwarding request: method=GET path=/ ... ``` **Expected behavior** [INFO] log messages should be sent to `stdout` and not `stderr`. **Environment:** * Vault CLI Version (retrieve with `vault version`): ```Vault v1.1.5 ('f08b88029d959e1318746b188fecaad54468230b')``` * Server Operating System/Architecture: MacOS, Ubuntu Linux 18.04 Vault agent configuration file(s): /etc/vault/agent.hcl: ```hcl pid_file = "/vault/vault_agent.pid" vault { address = "127.0.0.1" } auto_auth { method "kubernetes" { config { role = "some_role_name" } } } cache { use_auto_auth_token = true } listener "tcp" { address = "127.0.0.1:8200" tls_disable = true } ``` **Additional context** None.