Hi Attached all files. /etc/graylog2.conf /etc/elasticsearch/elasticsearch.yml /usr/local/gray/graylog2-web-interface-0.20.0-preview.8/conf/graylog2-web-interface.conf
BR, -Sonu. On Tue, Jan 7, 2014 at 11:36 AM, <[email protected]> wrote: > Today's Topic Summary > > Group: http://groups.google.com/group/graylog2/topics > > - Graylog2 Preview 8 errors trying to create an input ( or view > node(s) ) or view > logging.<https://mail.google.com/mail/u/0/html/compose/static_files/blank_quirks.html#1436e353ede64cbe_group_thread_0>[5 > Updates] > - Best Method to Decommission Elasticsearch > node?<https://mail.google.com/mail/u/0/html/compose/static_files/blank_quirks.html#1436e353ede64cbe_group_thread_1>[3 > Updates] > - Present Graylog2 in San > Francisco?<https://mail.google.com/mail/u/0/html/compose/static_files/blank_quirks.html#1436e353ede64cbe_group_thread_2>[1 > Update] > - errros with > graylog2-server-0.20.0-preive.8<https://mail.google.com/mail/u/0/html/compose/static_files/blank_quirks.html#1436e353ede64cbe_group_thread_3>[3 > Updates] > - Digest for [email protected] - 6 Messages in 2 > Topics<https://mail.google.com/mail/u/0/html/compose/static_files/blank_quirks.html#1436e353ede64cbe_group_thread_4>[1 > Update] > > Graylog2 Preview 8 errors trying to create an input ( or view node(s) ) > or view logging.<http://groups.google.com/group/graylog2/t/19ce57ae86082024> > > Lennart Koopmann <[email protected]> Jan 06 09:22PM +0100 > > Can you post your graylog2.conf and your graylog2-web-interface.conf? > Thanks! > > I am suspecting that this is somehow related no node discovery and > configured rest_transport addresses. > > On Mon, Jan 6, 2014 at 8:30 PM, Joseph Kondel > > > > > Joseph Kondel <[email protected]> Jan 06 01:19PM -0800 > > Hi Lennart, > > graylog2-web-interface.conf: > > # graylog2-server REST URIs (one or more, comma separated) For > example: > "http://127.0.0.1:12900/,http://127.0.0.1:12910/"; > graylog2-server.uris="http://127.0.0.1:12900/"; > > # Secret key > # ~~~~~ > # The secret key is used to secure cryptographics functions. Set this > to a > long and randomly generated string. > # If you deploy your application to several instances be sure to use > the > same key! > # Generate for example with: pwgen -s 96 > application.secret="OMITTED" > > # Web interface timezone > # Graylog2 stores all timestamps in UTC. To properly display times, > set the > default timezone of the interface. > # If you leave this out, Graylog2 will pick your system default as the > timezone. Usually you will want to configure it explicitly. > # timezone="Europe/Berlin" > > graylog2.conf ( I've removed comments and commented out settings that > I > didn't touch ): > > is_master = true > node_id_file = /etc/graylog2-server-node-id > password_secret = OMITTED > root_password_sha2 = OMITTED > plugin_dir = plugin > rest_listen_uri = http://127.0.0.1:12900/ > elasticsearch_max_docs_per_index = 20000000 > elasticsearch_max_number_of_indices = 20 > retention_strategy = delete > elasticsearch_shards = 4 > elasticsearch_replicas = 0 > elasticsearch_index_prefix = graylog2 > elasticsearch_analyzer = standard > output_batch_size = 5000 > processbuffer_processors = 5 > outputbuffer_processors = 5 > processor_wait_strategy = blocking > ring_size = 1024 > mongodb_useauth = false > mongodb_host = 127.0.0.1 > mongodb_database = graylog2 > mongodb_port = 27017 > mongodb_max_connections = 100 > mongodb_threads_allowed_to_block_multiplier = 5 > > I've not tried specifically setting the rest_transport_uri as the > comments > before it lead me to believe it'll default to the first non-loopback > address. I've confirmed that the rest API is responding by curling the > non-loopback address based on the api documented here: > http://docs.graylog2.apiary.io/ > > ex: > > curl http://10.0.2.15:12900/count/total > {"events":0} > > Although interestingly "curl http://10.0.2.15:12900/cluster/nodes"; > doesn't > return anything. Not sure if it's supposed to before I actually > configure > an input or not. > > Thanks, > Joe > > On Monday, January 6, 2014 3:22:17 PM UTC-5, lennart wrote: > > > > > Lennart Koopmann <[email protected]> Jan 07 12:04PM +0100 > > Can you post the output of the node discovery curl call with verbose > output? > > curl -v http://10.0.2.15:12900/cluster/nodes > > ...and also the way the web interface will try to connect: > > curl -v http://127.0.0.1:12900/cluster/nodes > > Thank you! :) > > On Mon, Jan 6, 2014 at 10:19 PM, Joseph Kondel > > > > > Joseph Kondel <[email protected]> Jan 07 05:11AM -0800 > > [vagrant@centos64 conf]$ curl -v http://10.0.2.15:12900/cluster/nodes > * About to connect() to 10.0.2.15 port 12900 (#0) > * Trying 10.0.2.15... connected > * Connected to 10.0.2.15 (10.0.2.15) port 12900 (#0) > > GET /cluster/nodes HTTP/1.1 > > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 > NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > > Host: 10.0.2.15:12900 > > Accept: */* > > < HTTP/1.1 404 Not Found > < Transfer-Encoding: chunked > < > * Connection #0 to host 10.0.2.15 left intact > * Closing connection #0 > > and > > [vagrant@centos64 conf]$ curl -v http://127.0.0.1:12900/cluster/nodes > * About to connect() to 127.0.0.1 port 12900 (#0) > * Trying 127.0.0.1... connected > * Connected to 127.0.0.1 (127.0.0.1) port 12900 (#0) > > GET /cluster/nodes HTTP/1.1 > > User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 > NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 > > Host: 127.0.0.1:12900 > > Accept: */* > > < HTTP/1.1 404 Not Found > < Transfer-Encoding: chunked > < > * Connection #0 to host 127.0.0.1 left intact > * Closing connection #0 > > -joe > > On Tuesday, January 7, 2014 6:04:12 AM UTC-5, lennart wrote: > > > > > Lennart Koopmann <[email protected]> Jan 07 08:32PM +0100 > > Sorry, I meant > > curl -XGET http://127.0.0.1:12900/system/cluster/nodes -v > > and > > curl -XGET http://10.0.2.15:12900/system/cluster/nodes -v > > On Tue, Jan 7, 2014 at 2:11 PM, Joseph Kondel > > > > Best Method to Decommission Elasticsearch > node?<http://groups.google.com/group/graylog2/t/a7f206de8ec0f8b8> > > Jeremy Farr <[email protected]> Jan 06 12:36PM -0800 > > Ok, great. Thanks Lennart. I'm not sure what I did when initially > setting > my elasticsearch cluster but I'm not seeing any replicas based on my > viewing the bigdesk plugin and the es head plugin. I should be able to > correct the number of replicas anytime, correct? > > On Thursday, January 2, 2014 2:38:07 PM UTC-6, lennart wrote: > > > > > Lennart Koopmann <[email protected]> Jan 07 12:13PM +0100 > > Yes. This will reflect any new index that is created by Graylog2. > > To change the replica settings of already existing indices you can > query ElasticSearch directly: > > > http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/indices-update-settings.html > > > > > > Jeremy Farr <[email protected]> Jan 07 09:44AM -0800 > > Worked like a charm. Thanks again. > > On Tuesday, January 7, 2014 5:13:29 AM UTC-6, lennart wrote: > > > > Present Graylog2 in San > Francisco?<http://groups.google.com/group/graylog2/t/efee379c46128652> > > Dave Mangot <[email protected]> Jan 06 11:41AM -0800 > > I'm the organizer for the SF Logging MeetUp group. Would anyone be > willing to do a presentation on Graylog2 or how they use it to the > MeetUp > group? > > (if you want to present on any other logging topics, that's cool too!) > > If so, please contact me. > > Thanks, > > -Dave > > > > errros with > graylog2-server-0.20.0-preive.8<http://groups.google.com/group/graylog2/t/65ed11887c339d08> > > Sunu <[email protected]> Jan 06 01:35PM -0800 > > Hi Jane, > > I am running Redhat 6.3 kernel ver - 2.6.32-279.el6.x86_64, I did not > found > rpm for elasticsearch. I downloded tar.ball and extracted. The version > is > - /usr/local/gray/elasticsearch-0.90.7. > > Yml PATH is - > /usr/local/gray/elasticsearch-0.90.7/config/elasticsearch.yml link to > /etc/graylog2-elasticsearch.yml > > Regrards, > -Sunil. > > On Sunday, January 5, 2014 1:00:50 AM UTC-8, jane white wrote: > > > > > > Sunu <[email protected]> Jan 06 06:06PM -0800 > > Found rpm version for redhat and installed and make the two changes as > cluster.name and node.name, seems same issues. > > -Sunil. > > On Monday, January 6, 2014 1:35:51 PM UTC-8, Sunu wrote: > > > > > > Sandro Roth <[email protected]> Jan 06 11:47PM -0800 > > Hi Sunu > > You should not need to link your elasticsearch config file > to /etc/graylog2-elasticsearch.yml. > All you need is to set up elasticsearch and point graylog to it. > > So install elasticsearch (preferably with the rpm, tarball works too) > and > change 'cluster.name' in it's configuration to some name of your > choice. > After that start it and make sure it works! You can check that by > connecting to the api: > > # curl 'http://127.0.0.1:9200/_status?pretty=true' > > Now change 'elasticsearch_cluster_name' in your graylog config to the > same > name and try to start it again. > Make your you don't have any typos in there... > > # grep -v ^# /etc/elasticsearch/elasticsearch.yml /etc/graylog2.conf | > grep cluster > /etc/elasticsearch/elasticsearch.yml:cluster.name: graylog_new > /etc/graylog2.conf:elasticsearch_cluster_name = graylog_new > > > Hope that helps. > Sandro > > > On Tuesday, January 7, 2014 3:06:16 AM UTC+1, Sunu wrote: > > > > Digest for [email protected] - 6 Messages in 2 > Topics<http://groups.google.com/group/graylog2/t/bc16a7a4d01edd23> > > SUNIL NAIK <[email protected]> Jan 06 01:27PM -0800 > > Hi Sebastien, > > Here is update about graylog2.conf and /etc/gaylog2-elasticsearch.yml. > > # grep "cluster.name" /etc/graylog2-elasticsearch.yml > cluster.name: "graylog2" > > grep "cluster_name" /etc/graylog2.conf > elasticsearch_cluster_name = "graylog2" > > > Server start but getting this error. > > 2014-01-06 13:24:07,069 DEBUG: > org.elasticsearch.indices.fielddata.cache - > [graylog2-server] using size [-1] [-1b], expire [null] > 2014-01-06 13:24:07,080 DEBUG: > org.elasticsearch.gateway.local.state.meta - > [graylog2-server] using gateway.local.auto_import_dangled [YES], with > gateway.local.dangling_timeout [2h] > 2014-01-06 13:24:07,080 ERROR: > org.elasticsearch.gateway.local.state.meta - > [graylog2-server] failed to read local state, exiting... > org.elasticsearch.ElasticSearchIllegalStateException: node is not > configured to store local location > -Sunil. > > > > > -- > You received this message because you are subscribed to the Google Groups > "graylog2" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
graylog2-web-interface.conf
Description: Binary data
elasticsearch.yml
Description: Binary data
graylog2.conf
Description: Binary data
