Hi Roberto, check your Elasticsearch logs, not the logs of your Graylog server.
Cheers, Jochen On Tuesday, 16 February 2016 16:17:47 UTC+1, [email protected] wrote: > > Dear Jochen, > > When I search for errors or warnings in the current graylog2.log, there > are no nothing. > > And /var is at 72% of disk space. > > What can I look for ? Anything in particular ? > > Thanks a lot, > > Roberto > > El martes, 16 de febrero de 2016, 12:06:17 (UTC-3), Jochen Schalanda > escribió: >> >> Hi Roberto, >> >> there's something wrong with your Elasticsearch cluster (see >> http://docs.graylog.org/en/1.3/pages/configuring_es.html#cluster-status-explained >> >> for an explanation of the different Cluster Health States) which prevents >> Graylog from indexing more log messages. >> >> Check the logs of your Elasticsearch nodes (e. g. in >> /var/log/elasticsearch) for errors. Very often, Elasticsearch simply ran >> out of disk space. >> >> >> Cheers, >> Jochen >> >> On Tuesday, 16 February 2016 15:46:26 UTC+1, [email protected] wrote: >>> >>> Dear, I have Graylog 1.2 but right now I have a lot of incoming messages >>> but no outgoing messages at all, so my journal space is increasing a lot: >>> >>> *Processing 1500 incoming and 0 outgoing msg/s. 1,877,835 unprocessed >>> messages* >>> >>> I can see just this error or warning: >>> >>> *Elasticsearch cluster is red.* Shards: 92 active, 0 initializing, 0 >>> relocating, 4 unassigned >>> >>> What can be the problem? How can I get outgoing messages again ? >>> >>> Thanks a lot, >>> >>> Roberto >>> >>> -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/510531aa-1bfc-41e5-8dbb-29c3f8b91bfa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
