First time setting up Graylog and Elasticsearch Receiving the errors in the subject line.
Configs and logs below: ES yml cluster.name: graylog2 network.bind_host: localhost http.port: 9200 discovery.zen.ping.unicast.hosts: 127.0.0.1 script.inline: off script.indexed: off Graylog server.conf is_master = true node_id_file = /etc/graylog/server/node-id password_secret = <secret> root_password_sha2 = <secret> plugin_dir = /usr/share/graylog-server/plugin rest_listen_uri = http://127.0.0.1:12900/ rotation_strategy = count elasticsearch_max_docs_per_index = 20000000 rotation_strategy = count elasticsearch_max_docs_per_index = 20000000 elasticsearch_max_number_of_indices = 20 retention_strategy = delete elasticsearch_max_number_of_indices = 20 retention_strategy = delete elasticsearch_shards = 4 elasticsearch_replicas = 0 elasticsearch_index_prefix = graylog allow_leading_wildcard_searches = false allow_highlighting = false elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1 elasticsearch_analyzer = standard output_batch_size = 500 output_flush_interval = 1 output_fault_count_threshold = 5 output_fault_penalty_seconds = 30 processbuffer_processors = 5 outputbuffer_processors = 3 processor_wait_strategy = blocking ring_size = 65536 inputbuffer_ring_size = 65536 inputbuffer_processors = 2 inputbuffer_wait_strategy = blocking message_journal_enabled = true message_journal_dir = /var/lib/graylog-server/journal lb_recognition_period_seconds = 3 mongodb_uri = mongodb://localhost/graylog mongodb_max_connections = 1000 mongodb_threads_allowed_to_block_multiplier = 5 content_packs_dir = /usr/share/graylog-server/contentpacks content_packs_auto_load = grok-patterns.json graylog-server.log 2016-05-16T15:06:11.556-04:00 INFO [CmdLineTool] Loaded plugins: [Anonymous Usage Statistics 2.0.1 [org.graylog.plugins.usagestatistics.UsageStatsPlugin], Pipeline Processor Plugin 1.0.0-beta.3 [org.graylog.plugins.pipelineprocessor.ProcessorPlugin], Collector 1.0.1 [org.graylog.plugins.collector.CollectorPlugin], MapWidgetPlugin 1.0.1 [org.graylog.plugins.map.MapWidgetPlugin], Enterprise Integration Plugin 1.0.1 [org.graylog.plugins.enterprise_integration.EnterpriseIntegrationPlugin]] 2016-05-16T15:06:11.666-04:00 INFO [CmdLineTool] Running with JVM arguments: -Xms1g -Xmx1g -XX:NewRatio=1 -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow -Dlog4j.configurationFile=file:///etc/graylog/server/log4j2.xml -Djava.library.path=/usr/share/graylog-server/lib/sigar -Dgraylog2.installation_source=rpm 2016-05-16T15:06:14.252-04:00 INFO [InputBufferImpl] Message journal is enabled. 2016-05-16T15:06:14.480-04:00 INFO [LogManager] Loading logs. 2016-05-16T15:06:14.579-04:00 INFO [LogManager] Logs loading complete. 2016-05-16T15:06:14.580-04:00 INFO [KafkaJournal] Initialized Kafka based journal at /var/lib/graylog-server/journal 2016-05-16T15:06:14.614-04:00 INFO [InputBufferImpl] Initialized InputBufferImpl with ring size <65536> and wait strategy <BlockingWaitStrategy>, running 2 parallel message handlers. 2016-05-16T15:06:14.657-04:00 INFO [cluster] Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000} 2016-05-16T15:06:14.694-04:00 INFO [cluster] No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, all=[ServerDescription{address=localhost:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out 2016-05-16T15:06:14.738-04:00 INFO [connection] Opened connection [connectionId{localValue:1, serverValue:93}] to localhost:27017 2016-05-16T15:06:14.740-04:00 INFO [cluster] Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 2, 6]}, minWireVersion=0, maxWireVersion=4, maxDocumentSize=16777216, roundTripTimeNanos=694440} 2016-05-16T15:06:14.750-04:00 INFO [connection] Opened connection [connectionId{localValue:2, serverValue:94}] to localhost:27017 2016-05-16T15:06:15.005-04:00 INFO [NodeId] Node ID: b8f9b2e6-ce5f-451a-b8b4-4109281c831d 2016-05-16T15:06:15.106-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] version[2.3.2], pid[9867], build[b9e4a6a/2016-04-21T16:03:47Z] 2016-05-16T15:06:15.106-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] initializing ... 2016-05-16T15:06:15.117-04:00 INFO [plugins] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] modules [], plugins [graylog-monitor], sites [] 2016-05-16T15:06:17.040-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] initialized 2016-05-16T15:06:17.138-04:00 INFO [Version] HV000001: Hibernate Validator 5.2.4.Final 2016-05-16T15:06:17.396-04:00 INFO [ProcessBuffer] Initialized ProcessBuffer with ring size <65536> and wait strategy <BlockingWaitStrategy>. 2016-05-16T15:06:19.909-04:00 INFO [RulesEngineProvider] No static rules file loaded. 2016-05-16T15:06:19.973-04:00 INFO [connection] Opened connection [connectionId{localValue:3, serverValue:95}] to localhost:27017 2016-05-16T15:06:20.177-04:00 WARN [GeoIpResolverEngine] GeoIP database file does not exist: /tmp/GeoLite2-City.mmdb 2016-05-16T15:06:20.192-04:00 INFO [OutputBuffer] Initialized OutputBuffer with ring size <65536> and wait strategy <BlockingWaitStrategy>. 2016-05-16T15:06:20.858-04:00 INFO [ServerBootstrap] Graylog server 2.0.1 (81e0187) starting up 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] JRE: Oracle Corporation 1.8.0_91 on Linux 3.10.0-327.el7.x86_64 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] Deployment: rpm 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] OS: CentOS Linux 7 (Core) (centos) 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] Arch: amd64 2016-05-16T15:06:20.865-04:00 WARN [DeadEventLoggingListener] Received unhandled event of type <org.graylog2.plugin.lifecycles.Lifecycle> from event bus <AsyncEventBus{graylog-eventbus}> 2016-05-16T15:06:20.915-04:00 INFO [PeriodicalsService] Starting 24 periodicals ... 2016-05-16T15:06:20.916-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThroughputCalculator] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.920-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.AlertScannerThread] periodical in [10s], polling every [60s]. 2016-05-16T15:06:20.927-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] starting ... 2016-05-16T15:06:20.930-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.930-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterHealthCheckThread] periodical in [0s], polling every [20s]. 2016-05-16T15:06:20.955-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ContentPackLoaderPeriodical] periodical, running forever. 2016-05-16T15:06:20.956-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.GarbageCollectionWarningThread] periodical, running forever. 2016-05-16T15:06:20.957-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexerClusterCheckerThread] periodical in [0s], polling every [30s]. 2016-05-16T15:06:20.958-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRetentionThread] periodical in [0s], polling every [300s]. 2016-05-16T15:06:20.959-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRotationThread] periodical in [0s], polling every [10s]. 2016-05-16T15:06:20.960-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.NodePingThread] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.962-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.VersionCheckThread] periodical in [300s], polling every [1800s]. 2016-05-16T15:06:20.965-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThrottleStateUpdaterThread] periodical in [1s], polling every [1s]. 2016-05-16T15:06:20.967-04:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventPeriodical] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.968-04:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventCleanupPeriodical] periodical in [0s], polling every [300s]. 2016-05-16T15:06:20.970-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterIdGeneratorPeriodical] periodical, running forever. 2016-05-16T15:06:20.971-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesMigrationPeriodical] periodical, running forever. 2016-05-16T15:06:20.972-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesCleanupPeriodical] periodical in [15s], polling every [3600s]. 2016-05-16T15:06:20.974-04:00 INFO [IndexRetentionThread] Elasticsearch cluster not available, skipping index retention checks. 2016-05-16T15:06:20.997-04:00 INFO [connection] Opened connection [connectionId{localValue:4, serverValue:96}] to localhost:27017 2016-05-16T15:06:21.002-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:06:21.004-04:00 INFO [connection] Opened connection [connectionId{localValue:7, serverValue:99}] to localhost:27017 2016-05-16T15:06:21.011-04:00 INFO [connection] Opened connection [connectionId{localValue:5, serverValue:97}] to localhost:27017 2016-05-16T15:06:21.025-04:00 INFO [connection] Opened connection [connectionId{localValue:6, serverValue:98}] to localhost:27017 2016-05-16T15:06:21.039-04:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.UserPermissionMigrationPeriodical] periodical. Not configured to run on this node. 2016-05-16T15:06:21.040-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.AlarmCallbacksMigrationPeriodical] periodical, running forever. 2016-05-16T15:06:21.040-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ConfigurationManagementPeriodical] periodical, running forever. 2016-05-16T15:06:21.077-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.LdapGroupMappingMigration] periodical, running forever. 2016-05-16T15:06:21.081-04:00 INFO [Periodicals] Starting [org.graylog.plugins.usagestatistics.UsageStatsNodePeriodical] periodical in [300s], polling every [21600s]. 2016-05-16T15:06:21.093-04:00 INFO [Periodicals] Starting [org.graylog.plugins.usagestatistics.UsageStatsClusterPeriodical] periodical in [300s], polling every [21600s]. 2016-05-16T15:06:21.094-04:00 INFO [Periodicals] Starting [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] periodical in [0s], polling every [3600s]. 2016-05-16T15:06:21.291-04:00 INFO [transport] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] publish_address {127.0.0.1:9350}, bound_addresses {[::1]:9350}, {127.0.0.1:9350} 2016-05-16T15:06:21.306-04:00 INFO [discovery] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] graylog/UaTjI60mTkWrF7IVhIEGhg 2016-05-16T15:06:21.455-04:00 INFO [AbstractJerseyService] Enabling CORS for HTTP endpoint 2016-05-16T15:06:24.333-04:00 WARN [discovery] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] waited for 3s and no initial state was set by the discovery 2016-05-16T15:06:24.334-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] started 2016-05-16T15:06:24.547-04:00 INFO [NetworkListener] Started listener bound to [127.0.0.1:9000] 2016-05-16T15:06:24.550-04:00 INFO [HttpServer] [HttpServer] Started. 2016-05-16T15:06:24.551-04:00 INFO [WebInterfaceService] Started Web Interface at <http://127.0.0.1:9000/> 2016-05-16T15:06:29.343-04:00 WARN [IndexerSetupService] Could not connect to Elasticsearch 2016-05-16T15:06:29.344-04:00 INFO [IndexerSetupService] If you're using multicast, check that it is working in your network and that Elasticsearch is accessible. Also check that the cluster name setting is correct. 2016-05-16T15:06:29.344-04:00 INFO [IndexerSetupService] See http://docs.graylog.org/en/2.0/pages/configuring_es.html for details. 2016-05-16T15:06:29.676-04:00 INFO [NetworkListener] Started listener bound to [127.0.0.1:12900] 2016-05-16T15:06:29.677-04:00 INFO [HttpServer] [HttpServer-1] Started. 2016-05-16T15:06:29.677-04:00 INFO [RestApiService] Started REST API at <http://127.0.0.1:12900/> 2016-05-16T15:06:29.678-04:00 INFO [ServiceManagerListener] Services are healthy 2016-05-16T15:06:29.679-04:00 INFO [InputSetupService] Triggering launching persisted inputs, node transitioned from Uninitialized [LB:DEAD] to Running [LB:ALIVE] 2016-05-16T15:06:29.682-04:00 INFO [ServerBootstrap] Services started, startup times in ms: {InputSetupService [RUNNING]=5, MetricsReporterService [RUNNING]=57, KafkaJournal [RUNNING]=57, BufferSynchronizerService [RUNNING]=58, OutputSetupService [RUNNING]=78, PeriodicalsService [RUNNING]=230, JournalReader [RUNNING]=267, WebInterfaceService [RUNNING]=3633, IndexerSetupService [RUNNING]=8430, RestApiService [RUNNING]=8781} 2016-05-16T15:06:29.687-04:00 INFO [ServerBootstrap] Graylog server up and running. 2016-05-16T15:06:35.972-04:00 INFO [IndexRangesCleanupPeriodical] Skipping index range cleanup because the Elasticsearch cluster is unreachable or unhealthy 2016-05-16T15:07:20.966-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:07:50.969-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:08:20.973-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:08:50.977-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:09:20.980-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:09:50.984-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:10:20.989-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:10:50.993-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:11:20.959-04:00 INFO [IndexRetentionThread] Elasticsearch cluster not available, skipping index retention checks. 2016-05-16T15:11:20.998-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:11:51.001-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:11:51.140-04:00 ERROR [UsageStatsClusterPeriodical] Uncaught exception in periodical org.elasticsearch.discovery.MasterNotDiscoveredException at org.elasticsearch.action.support.master.TransportMasterNodeAction$AsyncSingleAction$5.onTimeout(TransportMasterNodeAction.java:226) ~[graylog.jar:?] at org.elasticsearch.cluster.ClusterStateObserver$ObserverClusterStateListener.onTimeout(ClusterStateObserver.java:236) ~[graylog.jar:?] at org.elasticsearch.cluster.service.InternalClusterService$NotifyTimeout.run(InternalClusterService.java:804) ~[graylog.jar:?] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_91] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_91] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_91] 2016-05-16T15:12:21.005-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. Any help would be greatly appreciated. Thanks. EP -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2aade4f7-c338-4b00-a1ba-f8eefd130235%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
