[graylog2] Re: Oracle java updates?
Just for your info, Elastic advises always to use the latest version, to have full and errorless usage of their product. On Thursday, April 23, 2015 at 11:43:18 PM UTC+2, Mark Moorcroft wrote: The elasticsearch wisdom seems to be to use the Oracle JRE. But has anyone figured out how to keep the Oracle JRE updated on a standalone elastic server that never runs a browser. I can't seem to find any documentation about this. And I can't find any reference to a java command that checks for pending updates on the command line. I don't see any sign that the linux JRE has a control panel, and according to the documentation I found Windows is the only platform the supports auto-update. Obviously if you use the CentOS yum installed java then yum update handles the updates. -- You received this message because you are subscribed to the Google Groups graylog2 group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: I receive a lot of logs but Graylog only shows a few
Do you have some indexer failures in graylog? On Friday, April 24, 2015 at 2:14:28 PM UTC+2, roberto...@gmail.com wrote: Dear, I've read the link about ASA's remote logging but it's the same I've done. The problem is that lot of ASA logs come to my Graylog server, I see them with tcpdump, but just a little part of them are displayed on the web interfaceIs it possible that all the logs arent't displayed but any reason I don't know??? Thanks a lot!!! El viernes, 24 de abril de 2015, 3:16:24 (UTC-3), Fisz escribió: Hi, There are many types of sending logs from ASA. For ex. you can send different logs on ASA ASDM, and different on syslog server. This topic might interest you: http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/63884-config-asa-00.html On Thursday, April 23, 2015 at 3:22:32 PM UTC+2, roberto...@gmail.com wrote: Dear, I have Graylog 1.0.1 installed in a Debian Wheezy box. Everything works OK, except the Cisco ASA incoming logs. When I'm in Graylog terminal, I execute tcpdump pointing to Cisco ASA IP, and I can see a lot of incoming logsbut when I'm in the Graylog web interface, and choose the Cisco ASA source, there are a few logs. What can be the problem with this situation??? Thanks a lot, Roberto. -- You received this message because you are subscribed to the Google Groups graylog2 group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] How to create date-wise indexing?
Hi, I just started exploring Graylog..I am just looking for day wise Indexing feature. is there any way to achieve this? I am using graylog 1.0.1. Thanks, Sumit -- You received this message because you are subscribed to the Google Groups graylog2 group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: I receive a lot of logs but Graylog only shows a few
Dear, I've read the link about ASA's remote logging but it's the same I've done. The problem is that lot of ASA logs come to my Graylog server, I see them with tcpdump, but just a little part of them are displayed on the web interfaceIs it possible that all the logs arent't displayed but any reason I don't know??? Thanks a lot!!! El viernes, 24 de abril de 2015, 3:16:24 (UTC-3), Fisz escribió: Hi, There are many types of sending logs from ASA. For ex. you can send different logs on ASA ASDM, and different on syslog server. This topic might interest you: http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/63884-config-asa-00.html On Thursday, April 23, 2015 at 3:22:32 PM UTC+2, roberto...@gmail.com wrote: Dear, I have Graylog 1.0.1 installed in a Debian Wheezy box. Everything works OK, except the Cisco ASA incoming logs. When I'm in Graylog terminal, I execute tcpdump pointing to Cisco ASA IP, and I can see a lot of incoming logsbut when I'm in the Graylog web interface, and choose the Cisco ASA source, there are a few logs. What can be the problem with this situation??? Thanks a lot, Roberto. -- You received this message because you are subscribed to the Google Groups graylog2 group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: I receive a lot of logs but Graylog only shows a few
From tcpdump I get lines like these, and I can see ICMP unreachable messages but from Graylog to Cisco ASA I think they're not relevant: 10:22:44.814404 IP Cisco-ASA.syslog GRAYLOG.syslog: SYSLOG local4.warning, length: 166 10:22:44.814445 IP GRAYLOG Cisco-ASA: ICMP GRAYLOG udp port syslog unreachable, length 202 10:22:49.823279 IP Cisco-ASA.syslog GRAYLOG.syslog: SYSLOG local4.warning, length: 166 10:22:49.823313 IP GRAYLOG Cisco-ASA: ICMP GRAYLOG udp port syslog unreachable, length 202 10:22:54.823912 IP Cisco-ASA.syslog GRAYLOG.syslog: SYSLOG local4.warning, length: 166 10:22:54.823953 IP GRAYLOG Cisco-ASA: ICMP GRAYLOG udp port syslog unreachable, length 202 10:22:59.823951 IP Cisco-ASA.syslog GRAYLOG.syslog: SYSLOG local4.warning, length: 166 10:22:59.823981 IP GRAYLOG Cisco-ASA: ICMP GRAYLOG udp port syslog unreachable, length 202 10:23:04.831671 IP Cisco-ASA.syslog GRAYLOG.syslog: SYSLOG local4.warning, length: 166 10:23:04.831710 IP GRAYLOG Cisco-ASA: ICMP GRAYLOG udp port syslog unreachable, length 202 10:23:09.832059 IP Cisco-ASA.syslog GRAYLOG.syslog: SYSLOG local4.warning, length: 166 10:23:09.832085 IP GRAYLOG Cisco-ASA: ICMP GRAYLOG udp port syslog unreachable, length 202 El viernes, 24 de abril de 2015, 10:16:25 (UTC-3), roberto...@gmail.com escribió: Not nowmy Indices section is green without failures...any idea please??? Thanks again. El viernes, 24 de abril de 2015, 10:01:45 (UTC-3), Fisz escribió: Do you have some indexer failures in graylog? On Friday, April 24, 2015 at 2:14:28 PM UTC+2, roberto...@gmail.com wrote: Dear, I've read the link about ASA's remote logging but it's the same I've done. The problem is that lot of ASA logs come to my Graylog server, I see them with tcpdump, but just a little part of them are displayed on the web interfaceIs it possible that all the logs arent't displayed but any reason I don't know??? Thanks a lot!!! El viernes, 24 de abril de 2015, 3:16:24 (UTC-3), Fisz escribió: Hi, There are many types of sending logs from ASA. For ex. you can send different logs on ASA ASDM, and different on syslog server. This topic might interest you: http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/63884-config-asa-00.html On Thursday, April 23, 2015 at 3:22:32 PM UTC+2, roberto...@gmail.com wrote: Dear, I have Graylog 1.0.1 installed in a Debian Wheezy box. Everything works OK, except the Cisco ASA incoming logs. When I'm in Graylog terminal, I execute tcpdump pointing to Cisco ASA IP, and I can see a lot of incoming logsbut when I'm in the Graylog web interface, and choose the Cisco ASA source, there are a few logs. What can be the problem with this situation??? Thanks a lot, Roberto. -- You received this message because you are subscribed to the Google Groups graylog2 group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
