Hi Jochen, appreciate your help with the matter. It appears as though a reindex has solved the problem as I am now able to get a response. I have one quick question I am hoping you can assist with:
When I do request: http://{graylog2ip}:12900/search/universal/keyword?query=cluster%3Abugatti&keyword=1%20week%20ago It will give me back something like you have posted: {"from":0,"size":150,"query":{"query_string":{"query":" cluster:bugatti","allow_leading_wildcard":false}},"post_filter":{"range":{"timestamp":{"from":"2014-10-07 10:14:19.893","to":"2014-10-14 10:14:19.893","include_lower": true,"include_upper":true}}},"sort":[{"timestamp":{"order":"desc"}}]} When I do the var_dump on the response I also see ["messages"]=> array(150) { [0]=> object(stdClass)#2 (2) { ["message"]=> object(stdClass)#3 (18) { ["publisherId"]=> int(1) ["gl2_source_node"]=> string(36) "f336081b-113a-421a-999f-e7df2fafece2" ["full_message"]=> string(97) "[2014-10-06 09:14:05] sending.INFO: Processing from 1-2149-1412586000 queue -------------- [] []" ["QueueID"]=> string(17) "1-2149-1412586000" ["type"]=> string(23) "Veyron-prod.sending.log" ["version"]=> string(3) "1.0" ["timestamp"]=> string(24) "2014-10-06T14:14:06.581Z" ["message"]=> string(97) "[2014-10-06 09:14:05] sending.INFO: Processing from 1-2149-1412586000 queue -------------- [] []" ["level"]=> int(6) ["facility"]=> string(7) "gelf-rb" ["_id"]=> string(36) "08649cb0-4d63-11e4-8723-005056a651bb" ["source"]=> string(23) "shoreham.h.ecentria.com" ["gl2_source_input"]=> string(24) "542d60bae4b01aeb80c85f2a" ["path"]=> string(32) "/var/log/veyron/prod.sending.log" ["cluster"]=> string(6) "veyron" ["streams"]=> array(0) { } ["messageId"]=> string(4) "2149" ["unixTimestamp"]=> string(10) "1412586000" } ["index"]=> string(11) "graylog2_13" } [1]=> ...... But 150 is not enough, how can I change query to have more that 150? This one even shows there was 317 results but it only gives back 150. On Tuesday, October 14, 2014 5:16:36 AM UTC-5, Jochen Schalanda wrote: > > Hi, > > unfortunately I still can't reproduce your problem on recent Graylog2 > versions. > > One thing: You should use an Accept header instead of Content-Type in > your HTTP request. > > Please also run the following query against your Elasticsearch cluster > directly and check if it returns any errors: > > {"from":0,"size":150,"query":{"query_string":{"query":"cluster:bugatti","allow_leading_wildcard":false}},"post_filter":{"range":{"timestamp":{"from":"2014-10-07 > > 10:14:19.893","to":"2014-10-14 > 10:14:19.893","include_lower":true,"include_upper":true}}},"sort":[{"timestamp":{"order":"desc"}}]} > > > > Cheers, > Jochen > > > Am Freitag, 10. Oktober 2014 22:29:04 UTC+2 schrieb Mave Zero: >> >> Hello, >> >> What I have now is only for testing, I have: >> >> <?php >> >> $restUrl = >> "http://{graylog2ip}:12900/search/universal/keyword?query=cluster%3Abugatti&keyword=1%20week%20ago";; >> $restApiUser = "username"; >> $restApiPass = "password"; >> >> $url = $restUrl; >> >> $ch = curl_init(); >> curl_setopt($ch, CURLOPT_URL, $url); >> curl_setopt($ch, CURLOPT_HEADER, 0); >> curl_setopt($ch, CURLOPT_HTTPHEADER,array('Content-type: >> application/json')); >> curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); >> curl_setopt($ch, CURLOPT_USERPWD, "$restApiUser:$restApiPass"); >> curl_setopt($ch, CURLOPT_SSLVERSION, 3); >> >> $result = curl_exec($ch); >> $info = curl_getinfo($ch); >> curl_close($ch); >> >> print_r($result); >> >> ?> >> >> As you can see we use Content type application/json. Things to note: >> {graylog2ip} just the IP address for graylog2 server, bugatti is the name >> of the cluster. >> >> >> >> On Thursday, October 9, 2014 5:38:26 AM UTC-5, Jochen Schalanda wrote: >>> >>> Hi, >>> >>> Am Mittwoch, 8. Oktober 2014 23:15:21 UTC+2 schrieb Mave Zero: >>>> >>>> I set up my query correctly with the correct range keyword for my needs >>>> and press the "Try it out!" button to receive some response info. It gives >>>> a valid 200 response code with a response body, along with the request URL >>>> needed to get that information (this I would use for my PHP script). >>>> >>>> The problem, however, is when I attempt to go to that URL I get a blank >>>> page that says "Uncaught exception! HTTP 500 Internal Server Error". >>>> >>> >>> Unfortunately I couldn't reproduce the error you've mentioned with >>> Graylog2 0.90.0, 0.91.0-rc.1, or the current development version >>> (0.92.0-SNAPSHOT). >>> >>> Please provide the actual query (ideally the HTTP request) you are >>> running against your Graylog2 0.90.0 server so that we can try to fix this. >>> >>> >>> Cheers, >>> Jochen >>> >> -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
