prelude-manager trying to input text into bytea fields and failing
I found weird messages in my logs like this:
prelude-manager: could not insert message into database: Query error: ERROR: invalid input syntax for type bytea .
I did some investigating, and these log entries are happening every time one of my prelude-lml entries derived from ntsyslog comes in. Here's a dump from the manager's debug output:
additional_data(0): type: string (0) meaning: Log received from data: /var/log/winmessages additional_data(1): type: string (0) meaning: Original Log data: Apr 17 00:26:35 22.214.171.124 security[failure] 681 NT AUTHORITY\SYSTEM The logon to account: Administrator by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 from workstation: HOST-NAME failed. The error code was: 3221225578 could not insert message into database: Query error: ERROR: invalid input syntax for type bytea .
In the database, prelude_additionaldata's data field is indeed bytea! A cursory googling for this shows that we need to be using PQescapeBytea for this type of field.. Can someone fix this?
#3 Updated by Yoann VANDOORSELAERE over 13 years ago
PQescapeBytea() is already called in order to escape the data. Could you please edit your manager configuration file, and in the database configuration section, add the following settings:
log = /tmp/manager-query.log
Then arrange to reproduce the issue, and provide the failing SQL query available from the log file.