Hi Nathan, those errors hint to Graylog not being able to connect to the Elasticsearch cluster. Check the logs of your Graylog server for more details.
Just as a side node, if you simply want to try out Graylog and play around with it, you can also use the official virtual machine images and spare yourself the setup: http://docs.graylog.org/en/2.0/pages/installation/virtual_machine_appliances.html Cheers, Jochen On Friday, 5 August 2016 17:19:19 UTC+2, Nathan Mace wrote: > > Changed those two settings and now the web interface is working and I am > able to login and configure Inputs. Woot! > > However none of the data that should be received by the input is being > received. If you go to the search screen and wait for a ~30 seconds or so > there are two red warnings that pop up on the bottom of the screen and then > go away. They are: > > Could not load sources data > Loading of the sources data failed with status: Error cannot GET > http://x.x.x.146:12900/sources?range=3600 try reloading the page > > and > > Could not load field information > loading field information failed with status: cannot GET > http://x.x.x.146:12900/system/fields (500) > > Reloading the browser page doesn't seem to make any difference. Also of > note, going to System -> Overview the section for Elasticsearch Cluster > just spins with a "Loading" spinner and never shows the status of the ES > cluster. > > Nathan > > On Thursday, August 4, 2016 at 5:23:00 PM UTC-4, Jochen Schalanda wrote: >> >> Hi Nathan, >> >> try removing the elasticsearch_transport_tcp_port setting from your >> Graylog configuration and add the port (9300) to the IP address in >> elasticsearch_discovery_zen_ping_unicast_hosts (so that it's bein set to >> x.x.x.149:9300). >> >> Additionally, your web_endpoint_uri is wrong and should be removed >> completely (or at least point to the public address of the Graylog REST >> API). >> >> Cheers, >> Jochen >> >> On Thursday, 4 August 2016 21:14:37 UTC+2, Nathan Mace wrote: >>> >>> Per my other thread, I decided to delete the VMs and start over from >>> scratch. Instead of running ES on two nodes and Graylog on one of those >>> nodes, I've got two VM. Running ES only and the other running Graylog and >>> MongoDB only. >>> >>> ansted -> x.x.x.146 Running Graylog and MongoDB >>> ansted-search-01 -> x.x.x.149 Running ElasticSearch >>> >>> I've attached the two config files (one for Graylog and one for ES). I >>> removed all of the commented out lines from the text files. I've also >>> attached the log file that Graylog is generating. The repeated error is: >>> >>> 2016-08-04T14:14:09.089-04:00 WARN [unicast] >>> [graylog-f51e5052-55d0-4c4a-92ca-89a28282b3f4] failed to send ping to >>> [{#zen_unicast_1#}{x.x.x.149}{x.x.x.149:9200}] >>> org.elasticsearch.transport.ReceiveTimeoutTransportException: >>> [][x.x.x.149:9200][internal:discovery/zen/unicast] request_id [18] timed >>> out after [3750ms] >>> at >>> org.elasticsearch.transport.TransportService$TimeoutHandler.run(TransportService.java:679) >>> >>> [graylog.jar:?] >>> at >>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >>> >>> [?:1.8.0_101] >>> at >>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >>> >>> [?:1.8.0_101] >>> at java.lang.Thread.run(Thread.java:745) [?:1.8.0_101] >>> >>> It is trying to connect to the ES server's IP, but I am out of ideas as >>> for what is wrong. I know I have ES set to use port 9300 for transport and >>> Graylog is (currently) set to port 9200, but changing Graylog's config file >>> doesn't seem to change the error in the Graylog log file. >>> >> -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/14443e0e-9074-4670-a747-9f665cadac34%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
