[graylog2] Re: Chunking format, some examples?
Jeff - I'm having a hard time understanding this myself. Instead of chunking you could try to gzip it. Graylog should decode a gzip'd string automatically. I think it would be something like: echo | gzip -cf | nc etc... On Thursday, September 17, 2015 at 10:27:11 AM UTC-4, Jeffrey Newell wrote: > > I am just getting started using graylog, and am honing my logging. > I have a large dump from an external tool im using in my data pipeline > that I want so send as a Debug-level single log item. > I'm interfacing with graylog with nc, piping a formatted string, of GELF > format, to it (ip address obfuscated below, of course): > > echo "{\"version\": > \"$GRAYLOG_VERSION\",\"host\":\"$APP_HOST\",\"short_message\":\"$SHORT_MESSAGE\",\"full_message\":\"$j\",\"level\":$LOG_LEVEL,\"log_type\":\"$LOG_TYPE\"}" > > | nc -w 3 -u 00.00.00.00 12201 > > > I see in the docs there is a direction, and further info about a structure > to prepend, but I'm not clear WHERE this should go, like directly before > the { or what, any separators? An example would be really helpful: > > You can define chunks of messages by prepending a byte header to a GELF > message including a message ID and sequence count/number to reassemble the > message later > > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/8b66648b-6dcd-4ca0-b161-21c7ea19261a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Graylog 1.2 LDAP Integration Error.
Great! It works perfectly, thanks for your help! Am Freitag, 18. September 2015 17:04:57 UTC+2 schrieb Kay Röpke: > > > On 18 Sep 2015, at 16:05, ivan morozov> wrote: > > So far i know to keep the input configurations/ grok patterns / custom > extractors, i have to use the same NODE_ID and same password_secret. > I estimate when i change it i will lose all this configurations? Do you > have a approach to avoid this? > > > The password secret is only for authentication tokens, user passwords and > the ldap settings. You need to keep the node id, but the secret should not > affect anything else. > > cheers, > -k > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/24be7d9d-8e0a-48c3-9ac1-749f1210e571%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] graylog2-web-interface - build_release.sh fails today
Yesterday the build worked fine, but today I've made no changes and I'm getting npm issues: npm WARN package.json graylog-web-interface@1.3.0-SNAPSHOT No repository field. npm WARN package.json graylog-web-interface@1.3.0-SNAPSHOT No README data npm http GET https://registry.npmjs.org/npm/3.3.4 npm http 200 https://registry.npmjs.org/npm/3.3.4 npm http GET https://registry.npmjs.org/npm/-/npm-3.3.4.tgz npm http 200 https://registry.npmjs.org/npm/-/npm-3.3.4.tgz npm WARN prefer global npm@3.3.4 should be installed with -g npm@3.3.4 node_modules/npm Using npm module.js:340 throw err; ^ Error: Cannot find module 'are-we-there-yet' at Function.Module._resolveFilename (module.js:338:15) at Function.Module._load (module.js:280:25) at Module.require (module.js:364:17) at require (module.js:380:17) at Object. (/home/jesse/IdeaProjects/graylog2-web-interface/javascript/node_modules/npm/node_modules/npmlog/log.js:2:16) at Module._compile (module.js:456:26) at Object.Module._extensions..js (module.js:474:10) at Module.load (module.js:356:32) at Function.Module._load (module.js:312:12) at Module.require (module.js:364:17) Changing build_release.sh from: # Install same npm version as we use in travis rm -rf ./node_modules npm install --no-spin npm@latest to # Install same npm version as we use in travis rm -rf ./node_modules npm install --no-spin npm@2 allows it to build properly. Any ideas? -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/c5303cb6-f651-4cc5-bd04-fedab9a9e6da%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Trends presentation in dashboard
Hi Stanislav, The "lower is better" option changes the used colour for arrows indicating the trend. With that option enabled, arrows pointing down will be in green, and arrows pointing up in red. I am not aware of any issues with that feature, at least seems to be working in 1.2.0. Could you please upgrade to 1.2.0 and see if the problem disappears? In other case, please attach an screenshot of the problem, and the configuration of the widget (you get it by clicking on the info button on the bottom-right corner of the widget). Regards, Edmundo > On 17 Sep 2015, at 18:18, Stanislav Koppwrote: > > Hi all, > > I have a question about trends in dashboard, I've activated trend for simple > logs counter with option "Lower is better", but no matter if number of logs > is lower or higher, it always remains "green". Did I misunderstood this > feature or it is something wrong with my setup? > > I'm using Graylog 1.1.4 > > Thanks, > Stan > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/c186a534-3577-4455-9a5c-5c4876a75fb0%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/3FF40F9E-94B6-4586-9C93-3CA575A83222%40graylog.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Encoding problem in email alert callback.
Hello! We have a standard email callback configuration: body: ## Alert Description: ${check_result.resultDescription} Date: ${check_result.triggeredAt} Stream ID: ${stream.id} Stream title: ${stream.title} Stream description: ${stream.description} ${if stream_url}Stream URL: ${stream_url}${end} Triggered condition: ${check_result.triggeredCondition} ## ${if backlog}Last messages accounting for this alert: ${foreach backlog message}${message} ${end}${else} ${end} sender: graylog@*** subject: Graylog alert for stream: ${stream.title}: ${check_result. resultDescription} Everything works fine, except that ${message} contain question marks instead of cyrillic symbols. >From graylog stream documentation: message (only available via iteration over the backlog object) > The message object has several fields with details about the message. When > using the message object without accessing any fields, the toString() > method of the underlying Java object is used to display it. I think that problem is in the toString() method, that doesn't work with unicode. Is there any way to solve this problem? JMTE magic maybe? Thanks in advance. Alexander. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/53519954-d73e-4351-b3b9-3300a06b94af%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Trends presentation in dashboard
Hi Edmundo, thx for explanation, I did some research for another counter, see screenshots: http://imgur.com/a/765md the first one is counter for errors in last hour, you see 3437 messages the second one is the same stream for last 2 hours, 6636 messages, what makes 6636-3437=3199, so this mean for me the number of errors now is more than for "another" last hour, but the widget is still green (no screenshot, but you can trust me :) Best, Stan 2015-09-18 16:06 GMT+02:00 Edmundo Alvarez: > To be honest I'm not sure if it is an actual error or some misunderstanding > of how it works, as it is tricky. I will explain it here a bit more in depth, > so you can investigate further, and decide if it is working or not. > > When you add a count widget for the last 5 minutes, Graylog will do a search > in the last 5 minutes and count the number of messages. Adding a trend to > that widget means that Graylog will do two searches: one in the last 5 > minutes for the actual number you want to see, and another one in the > previous 5 minutes that is, since 10 minutes ago to 5 minutes ago, and > compare the results to show the trend information. > > So, in summary, to see if it is working as expected, you could do a search in > the last 10 minutes, subtract the count for the last 5 minutes, and see if > the previous count was higher or lower. Please let us know the results, so we > know if there is a problem with it. > > Cheers, > > Edmundo > >> On 18 Sep 2015, at 15:39, Stanislav Kopp wrote: >> >> Hi Edmundo, >> >> thx, I will try upgrade graylog to 1.2 next week (I wanted to wait >> till 1.2.1 honestly), here some screenshot of my dasboard >> http://imgur.com/a/l0t02, the widget shows count of specific errors >> every 5 minutes (so less is better). here is "4", 5 minutes before it >> was "1", so if I understood correctly the arrow should be red >> (pointing up). >> >> Best, >> Stan >> >> 2015-09-18 14:21 GMT+02:00 Edmundo Alvarez : >>> Hi Stanislav, >>> >>> The "lower is better" option changes the used colour for arrows indicating >>> the trend. With that option enabled, arrows pointing down will be in green, >>> and arrows pointing up in red. I am not aware of any issues with that >>> feature, at least seems to be working in 1.2.0. Could you please upgrade to >>> 1.2.0 and see if the problem disappears? >>> >>> In other case, please attach an screenshot of the problem, and the >>> configuration of the widget (you get it by clicking on the info button on >>> the bottom-right corner of the widget). >>> >>> Regards, >>> >>> Edmundo >>> On 17 Sep 2015, at 18:18, Stanislav Kopp wrote: Hi all, I have a question about trends in dashboard, I've activated trend for simple logs counter with option "Lower is better", but no matter if number of logs is lower or higher, it always remains "green". Did I misunderstood this feature or it is something wrong with my setup? I'm using Graylog 1.1.4 Thanks, Stan -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/c186a534-3577-4455-9a5c-5c4876a75fb0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout. >>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Graylog Users" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/graylog2/rgagiaf8MgM/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> graylog2+unsubscr...@googlegroups.com. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/graylog2/3FF40F9E-94B6-4586-9C93-3CA575A83222%40graylog.com. >>> For more options, visit https://groups.google.com/d/optout. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Graylog Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to graylog2+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/CAFddgf3detsBhXPFuSKsd0GODRDsZx3BnzsVG-0ya0kMVJ7%2Bdg%40mail.gmail.com. >> For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to a topic in the Google > Groups "Graylog Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/graylog2/rgagiaf8MgM/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit
Re: [graylog2] Graylog 1.2 LDAP Integration Error.
> On 18 Sep 2015, at 16:05, ivan morozovwrote: > > So far i know to keep the input configurations/ grok patterns / custom > extractors, i have to use the same NODE_ID and same password_secret. > I estimate when i change it i will lose all this configurations? Do you have > a approach to avoid this? > The password secret is only for authentication tokens, user passwords and the ldap settings. You need to keep the node id, but the secret should not affect anything else. cheers, -k -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/85079D70-8314-4119-893F-D39264401358%40gmail.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Graylog 1.2 LDAP Integration Error.
Hi @All, i'm trying to integrate LDAP into my Graylog. I'm using Graylog standalone docker machine. In my case i'm putt all the configuration of LDAP into Graylog UI, then 1. Test Server Connection -> Works Fine! 2. Test Login -> Works Fine! 3. Save LDAP Settings -> Fail! After looking into Logs i found this: Unable to save LDAP settings. org.graylog2.restclient.lib.APIException: API call failed PUT http://@172.17.0.14:12900/system/ldap/settings returned 500 Internal Server Error body: {"type":"ApiError","message":"String index out of range: 16"} Has anybody this error before? Best Ivan -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/3a36c236-4aa3-4030-ab98-360c42215382%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Graylog 1.2 LDAP Integration Error.
This is because your password_secret in the server.conf is too short. We use AES to encrypt the system password and AES needs 16 characters as inputs from the secret. If it is too short, then we can’t encrypt it. If you change it, then you need to reset the passwords of all users except the builtin admin account. cheers, -k > On 18 Sep 2015, at 15:49, Edmundo Alvarezwrote: > > Hi, > > Could you please also include any errors that you may see in the Graylog > server log? Maybe those were give us a hint. > > Thank you, > > Edmundo > >> On 18 Sep 2015, at 15:34, ivan morozov wrote: >> >> Hi @All, >> >> i'm trying to integrate LDAP into my Graylog. I'm using Graylog standalone >> docker machine. >> >> In my case i'm putt all the configuration of LDAP into Graylog UI, then >> • Test Server Connection -> Works Fine! >> • Test Login -> Works Fine! >> • Save LDAP Settings -> Fail! >> >> After looking into Logs i found this: >> >> Unable to save LDAP settings. >> >> >> >> org.graylog2.restclient.lib.APIException: API call failed PUT >> http://@172.17.0.14:12900/system/ldap/settings returned 500 Internal Server >> Error body: {"type":"ApiError","message":"String index out of range: 16"} >> >> >> >> >> >> >> >> >> Has anybody this error before? >> >> >> >> Best >> >> Ivan >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Graylog Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to graylog2+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/3a36c236-4aa3-4030-ab98-360c42215382%40googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/D935506A-A040-4E65-B97C-291CFD3CFFEB%40graylog.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/4F64A289-76BD-4F7E-B73B-15A1B3B44B53%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Trends presentation in dashboard
To be honest I'm not sure if it is an actual error or some misunderstanding of how it works, as it is tricky. I will explain it here a bit more in depth, so you can investigate further, and decide if it is working or not. When you add a count widget for the last 5 minutes, Graylog will do a search in the last 5 minutes and count the number of messages. Adding a trend to that widget means that Graylog will do two searches: one in the last 5 minutes for the actual number you want to see, and another one in the previous 5 minutes that is, since 10 minutes ago to 5 minutes ago, and compare the results to show the trend information. So, in summary, to see if it is working as expected, you could do a search in the last 10 minutes, subtract the count for the last 5 minutes, and see if the previous count was higher or lower. Please let us know the results, so we know if there is a problem with it. Cheers, Edmundo > On 18 Sep 2015, at 15:39, Stanislav Koppwrote: > > Hi Edmundo, > > thx, I will try upgrade graylog to 1.2 next week (I wanted to wait > till 1.2.1 honestly), here some screenshot of my dasboard > http://imgur.com/a/l0t02, the widget shows count of specific errors > every 5 minutes (so less is better). here is "4", 5 minutes before it > was "1", so if I understood correctly the arrow should be red > (pointing up). > > Best, > Stan > > 2015-09-18 14:21 GMT+02:00 Edmundo Alvarez : >> Hi Stanislav, >> >> The "lower is better" option changes the used colour for arrows indicating >> the trend. With that option enabled, arrows pointing down will be in green, >> and arrows pointing up in red. I am not aware of any issues with that >> feature, at least seems to be working in 1.2.0. Could you please upgrade to >> 1.2.0 and see if the problem disappears? >> >> In other case, please attach an screenshot of the problem, and the >> configuration of the widget (you get it by clicking on the info button on >> the bottom-right corner of the widget). >> >> Regards, >> >> Edmundo >> >>> On 17 Sep 2015, at 18:18, Stanislav Kopp wrote: >>> >>> Hi all, >>> >>> I have a question about trends in dashboard, I've activated trend for >>> simple logs counter with option "Lower is better", but no matter if number >>> of logs is lower or higher, it always remains "green". Did I misunderstood >>> this feature or it is something wrong with my setup? >>> >>> I'm using Graylog 1.1.4 >>> >>> Thanks, >>> Stan >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Graylog Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send an >>> email to graylog2+unsubscr...@googlegroups.com. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/graylog2/c186a534-3577-4455-9a5c-5c4876a75fb0%40googlegroups.com. >>> For more options, visit https://groups.google.com/d/optout. >> >> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "Graylog Users" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/graylog2/rgagiaf8MgM/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> graylog2+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/3FF40F9E-94B6-4586-9C93-3CA575A83222%40graylog.com. >> For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/CAFddgf3detsBhXPFuSKsd0GODRDsZx3BnzsVG-0ya0kMVJ7%2Bdg%40mail.gmail.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/91D1468D-4951-4BBA-8E11-221879F811E3%40graylog.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Encoding problem in email alert callback.
Hi Alexander, Could you please open an issue in Github https://github.com/Graylog2/graylog2-server/issues? Please include an example log message, so we can test it more easily. Thank you, Edmundo > On 17 Sep 2015, at 18:33, Alexander Ivaneswrote: > > Hello! > > We have a standard email callback configuration: > > body: > ## > Alert Description: ${check_result.resultDescription} > Date: ${check_result.triggeredAt} > Stream ID: ${stream.id} > Stream title: ${stream.title} > Stream description: ${stream.description} > ${if stream_url}Stream URL: ${stream_url}${end} > Triggered condition: ${check_result.triggeredCondition} > ## > ${if backlog}Last messages accounting for this alert: > ${foreach backlog message}${message} > ${end}${else} > ${end} > > sender: > graylog@*** > > subject: > Graylog alert for stream: ${stream.title}: ${check_result.resultDescription} > > > Everything works fine, except that ${message} contain question marks instead > of cyrillic symbols. > > From graylog stream documentation: > > message (only available via iteration over the backlog object) > The message object has several fields with details about the message. When > using the message object without accessing any fields, the toString() method > of the underlying Java object is used to display it. > > I think that problem is in the toString() method, that doesn't work with > unicode. > > Is there any way to solve this problem? JMTE magic maybe? > > Thanks in advance. > > Alexander. > > > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/53519954-d73e-4351-b3b9-3300a06b94af%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/7DBBBD99-D515-4B17-838C-15866641CB2B%40graylog.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Graylog 1.2 LDAP Integration Error.
Hi, Could you please also include any errors that you may see in the Graylog server log? Maybe those were give us a hint. Thank you, Edmundo > On 18 Sep 2015, at 15:34, ivan morozovwrote: > > Hi @All, > > i'm trying to integrate LDAP into my Graylog. I'm using Graylog standalone > docker machine. > > In my case i'm putt all the configuration of LDAP into Graylog UI, then > • Test Server Connection -> Works Fine! > • Test Login -> Works Fine! > • Save LDAP Settings -> Fail! > > After looking into Logs i found this: > > Unable to save LDAP settings. > > > > org.graylog2.restclient.lib.APIException: API call failed PUT > http://@172.17.0.14:12900/system/ldap/settings returned 500 Internal Server > Error body: {"type":"ApiError","message":"String index out of range: 16"} > > > > > > > > > Has anybody this error before? > > > > Best > > Ivan > > > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/3a36c236-4aa3-4030-ab98-360c42215382%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/D935506A-A040-4E65-B97C-291CFD3CFFEB%40graylog.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Trends presentation in dashboard
Hi Edmundo, thx, I will try upgrade graylog to 1.2 next week (I wanted to wait till 1.2.1 honestly), here some screenshot of my dasboard http://imgur.com/a/l0t02, the widget shows count of specific errors every 5 minutes (so less is better). here is "4", 5 minutes before it was "1", so if I understood correctly the arrow should be red (pointing up). Best, Stan 2015-09-18 14:21 GMT+02:00 Edmundo Alvarez: > Hi Stanislav, > > The "lower is better" option changes the used colour for arrows indicating > the trend. With that option enabled, arrows pointing down will be in green, > and arrows pointing up in red. I am not aware of any issues with that > feature, at least seems to be working in 1.2.0. Could you please upgrade to > 1.2.0 and see if the problem disappears? > > In other case, please attach an screenshot of the problem, and the > configuration of the widget (you get it by clicking on the info button on the > bottom-right corner of the widget). > > Regards, > > Edmundo > >> On 17 Sep 2015, at 18:18, Stanislav Kopp wrote: >> >> Hi all, >> >> I have a question about trends in dashboard, I've activated trend for simple >> logs counter with option "Lower is better", but no matter if number of logs >> is lower or higher, it always remains "green". Did I misunderstood this >> feature or it is something wrong with my setup? >> >> I'm using Graylog 1.1.4 >> >> Thanks, >> Stan >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Graylog Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to graylog2+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/c186a534-3577-4455-9a5c-5c4876a75fb0%40googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to a topic in the Google > Groups "Graylog Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/graylog2/rgagiaf8MgM/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/3FF40F9E-94B6-4586-9C93-3CA575A83222%40graylog.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFddgf3detsBhXPFuSKsd0GODRDsZx3BnzsVG-0ya0kMVJ7%2Bdg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Graylog 1.2 LDAP Integration Error.
Hey Kay, thank you for the answer! So far i know to keep the input configurations/ grok patterns / custom extractors, i have to use the same NODE_ID and same password_secret. I estimate when i change it i will lose all this configurations? Do you have a approach to avoid this? Ivan Am Freitag, 18. September 2015 15:57:45 UTC+2 schrieb Kay Röpke: > > This is because your password_secret in the server.conf is too short. > > We use AES to encrypt the system password and AES needs 16 characters as > inputs from the secret. If it is too short, then we can’t encrypt it. > > If you change it, then you need to reset the passwords of all users except > the builtin admin account. > > cheers, > -k > > On 18 Sep 2015, at 15:49, Edmundo Alvarez> wrote: > > > > Hi, > > > > Could you please also include any errors that you may see in the Graylog > server log? Maybe those were give us a hint. > > > > Thank you, > > > > Edmundo > > > >> On 18 Sep 2015, at 15:34, ivan morozov > wrote: > >> > >> Hi @All, > >> > >> i'm trying to integrate LDAP into my Graylog. I'm using Graylog > standalone docker machine. > >> > >> In my case i'm putt all the configuration of LDAP into Graylog UI, then > >> • Test Server Connection -> Works Fine! > >> • Test Login -> Works Fine! > >> • Save LDAP Settings -> Fail! > >> > >> After looking into Logs i found this: > >> > >> Unable to save LDAP settings. > >> > >> > >> > >> org.graylog2.restclient.lib.APIException: API call failed PUT http://@ > 172.17.0.14:12900/system/ldap/settings returned 500 Internal Server Error > body: {"type":"ApiError","message":"String index out of range: 16"} > >> > >> > >> > >> > >> > >> > >> > >> > >> Has anybody this error before? > >> > >> > >> > >> Best > >> > >> Ivan > >> > >> > >> > >> -- > >> You received this message because you are subscribed to the Google > Groups "Graylog Users" group. > >> To unsubscribe from this group and stop receiving emails from it, send > an email to graylog2+u...@googlegroups.com . > >> To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/3a36c236-4aa3-4030-ab98-360c42215382%40googlegroups.com. > > > >> For more options, visit https://groups.google.com/d/optout. > > > > -- > > You received this message because you are subscribed to the Google > Groups "Graylog Users" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to graylog2+u...@googlegroups.com . > > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/D935506A-A040-4E65-B97C-291CFD3CFFEB%40graylog.com. > > > > For more options, visit https://groups.google.com/d/optout. > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/78189821-d52f-4e8c-8c1f-ed9adb743d24%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Elasticsearch cluster is red.
Hi Drew, Thank you for reply. I only have one node. No other errors except what i posted on the other logs files. I did a cleanse and after reconfiguring it, its working fine for now. On Thursday, September 17, 2015 at 9:06:56 PM UTC-7, Drew Miranda wrote: > > Are you able to do a cat on your elastic search via the api? > https://www.elastic.co/guide/en/elasticsearch/reference/current/cat.html > > Do you just have one ES node? Does the logs for elaaticsearch have any > errors? > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/e9e890a7-c3bf-4afc-adee-6ca7a6ed7a6b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.