Hi Nathan,

those errors hint to Graylog not being able to connect to the Elasticsearch 
cluster. Check the logs of your Graylog server for more details.

Just as a side node, if you simply want to try out Graylog and play around 
with it, you can also use the official virtual machine images and spare 
yourself the 
setup: 
http://docs.graylog.org/en/2.0/pages/installation/virtual_machine_appliances.html

Cheers,
Jochen

On Friday, 5 August 2016 17:19:19 UTC+2, Nathan Mace wrote:
>
> Changed those two settings and now the web interface is working and I am 
> able to login and configure Inputs.  Woot!
>
> However none of the data that should be received by the input is being 
> received.  If you go to the search screen and wait for a ~30 seconds or so 
> there are two red warnings that pop up on the bottom of the screen and then 
> go away.  They are:
>
> Could not load sources data
> Loading of the sources data failed with status: Error cannot GET 
> http://x.x.x.146:12900/sources?range=3600 try reloading the page
>
> and
>
> Could not load field information
> loading field information failed with status: cannot GET 
> http://x.x.x.146:12900/system/fields (500)
>
> Reloading the browser page doesn't seem to make any difference.  Also of 
> note, going to System -> Overview the section for Elasticsearch Cluster 
> just spins with a "Loading" spinner and never shows the status of the ES 
> cluster.
>
> Nathan
>
> On Thursday, August 4, 2016 at 5:23:00 PM UTC-4, Jochen Schalanda wrote:
>>
>> Hi Nathan,
>>
>> try removing the elasticsearch_transport_tcp_port setting from your 
>> Graylog configuration and add the port (9300) to the IP address in 
>> elasticsearch_discovery_zen_ping_unicast_hosts (so that it's bein set to 
>> x.x.x.149:9300).
>>
>> Additionally, your web_endpoint_uri is wrong and should be removed 
>> completely (or at least point to the public address of the Graylog REST 
>> API).
>>
>> Cheers,
>> Jochen
>>
>> On Thursday, 4 August 2016 21:14:37 UTC+2, Nathan Mace wrote:
>>>
>>> Per my other thread, I decided to delete the VMs and start over from 
>>> scratch.  Instead of running ES on two nodes and Graylog on one of those 
>>> nodes, I've got two VM.  Running ES only and the other running Graylog and 
>>> MongoDB only.
>>>
>>> ansted -> x.x.x.146 Running Graylog and MongoDB
>>> ansted-search-01 -> x.x.x.149 Running ElasticSearch
>>>
>>> I've attached the two config files (one for Graylog and one for ES).  I 
>>> removed all of the commented out lines from the text files.  I've also 
>>> attached the log file that Graylog is generating.  The repeated error is:
>>>
>>> 2016-08-04T14:14:09.089-04:00 WARN  [unicast] 
>>> [graylog-f51e5052-55d0-4c4a-92ca-89a28282b3f4] failed to send ping to 
>>> [{#zen_unicast_1#}{x.x.x.149}{x.x.x.149:9200}]
>>> org.elasticsearch.transport.ReceiveTimeoutTransportException: 
>>> [][x.x.x.149:9200][internal:discovery/zen/unicast] request_id [18] timed 
>>> out after [3750ms]
>>> at 
>>> org.elasticsearch.transport.TransportService$TimeoutHandler.run(TransportService.java:679)
>>>  
>>> [graylog.jar:?]
>>> at 
>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>>>  
>>> [?:1.8.0_101]
>>> at 
>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>>>  
>>> [?:1.8.0_101]
>>> at java.lang.Thread.run(Thread.java:745) [?:1.8.0_101]
>>>
>>> It is trying to connect to the ES server's IP, but I am out of ideas as 
>>> for what is wrong.  I know I have ES set to use port 9300 for transport and 
>>> Graylog is (currently) set to port 9200, but changing Graylog's config file 
>>> doesn't seem to change the error in the Graylog log file.
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/14443e0e-9074-4670-a747-9f665cadac34%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to