Implement log shipping to Graylog via GELF

[bnazare]

Proposed changes

• Shipping of logs to Graylog via GELF
• Wait for log flushing before application shutdown

Related issues

There are not related issues but this subject has been previously discussed with Linkare within the scope of the OpenCTI implementation for the CCB (https://ccb.belgium.be/).

Checklist

• I consider the submitted work as finished
• I tested the code for its functionality
• I wrote test cases for the relevant uses case (coverage and e2e)
• I added/update the relevant documentation (either on github or on notion)
• Where necessary I refactored code to improve the overall quality

Further comments

We added an extra step to the application shutdown so that it now waits for the loggers to flush. This was previously not very relevant but sending data via the network introduces some latency that makes this necessary. Failing to do so results in the loss of some of the last log messages. This is particularly critical in the cases where the application fails as those messages will probably include the details of the relevant error.

No new tests were added for this functionality as that would require setting up an integration testing environment containing at least a Graylog instance plus subordinate MongoDB and Elasticsearch instances. Furthermore, having the test communicate with Graylog, so as to assert that the logs where correctly stored, would not be a trivial implementation. All in all, we estimate the effort required to implement all of this would dwarf the effort put into such a small change.

On the other hand, the changes proposed are all opt-in so they shouldn't break any existing behaviour. The little code that is unavoidable will actually run on every startup and shutdown and thus all existing tests will at least validate that the new functionality has no negative effects when not explicitly enabled.

[codecov]

Codecov Report

Attention: Patch coverage is 71.59091% with 25 lines in your changes missing coverage. Please review.

Project coverage is 66.15%. Comparing base (7400123) to head (1a7d222).
Report is 38 commits behind head on master.

Files with missing lines	Patch %	Lines
opencti-platform/opencti-graphql/src/boot.js	0.00%	13 Missing ⚠️
...pencti-platform/opencti-graphql/src/config/conf.js	52.00%	12 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8410      +/-   ##
==========================================
- Coverage   66.21%   66.15%   -0.07%     
==========================================
  Files         597      598       +1     
  Lines       60339    60462     +123     
  Branches     6202     6199       -3     
==========================================
+ Hits        39956    40000      +44     
- Misses      20383    20462      +79     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.