[graylog2] Re: Troubleshooting logs
Hi Tom, On Friday, 17 February 2017 00:41:03 UTC+1, Tom Powers wrote: > > I've found this article on the right place to put the certs...but not sure > what format or how to get them out of the master server > > > http://docs.graylog.org/en/2.0/pages/faq.html#i-have-configured-an-smtp-server-or-an-output-with-tls-connection-and-receive-handshake-errors-what-should-i-do > See http://docs.graylog.org/en/2.2/pages/configuration/https.html#adding-a-self-signed-certificate-to-the-jvm-trust-store for instructions for how to add certificates to the JVM trust store. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2134480e-bd5c-46b2-8521-3c93d1b3ac90%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Troubleshooting logs
I've found this article on the right place to put the certs...but not sure what format or how to get them out of the master server http://docs.graylog.org/en/2.0/pages/faq.html#i-have-configured-an-smtp-server-or-an-output-with-tls-connection-and-receive-handshake-errors-what-should-i-do -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/5b469fe8-40d1-4a2f-856c-53cbce58f870%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Troubleshooting logs
That's the problem then. What files need to move from the server 2 took the server 1 machines? Getting to find doc on that, but it's sparse Thanks Tp -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/69273b19-c00f-4e59-890c-7e19909cee68%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Troubleshooting logs
Hi Tom, On Thursday, 16 February 2017 16:28:09 UTC+1, Tom Powers wrote: > > If I turn TLS on for the Input side (Server 2), and click the Verify TLS > on the client side(server1) (like I have done in my test lab), then the > Server2 doesn't receive anything on the input. > Have the SSL certificates you're using been signed by a public CA or did you add them to the JVM trust store on the second server? If not, that's the problem. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/4bbc3f47-430f-4a38-8077-31afa1840770%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Troubleshooting logs
OK...so here's the scoop. All Graylog Servers in use are built from the OVA...all version 2.13 Graylog Server 1 - Sits at our remote office. Collects Windows Events for the site. It has a series of streams setup. Each stream is using a GELF TCP port 12203 output to my main office Graylog Server 2 - Sits at main office. It has a Gelf TCP input for 12203 to receive streams from remote office. Trying to send the stream through the internet over TLS. My firewall at main office has 12203 open and pointing to graylog server 2 Issue: If I leave TLS off, then the system works great. If I turn TLS on for the Input side (Server 2), and click the Verify TLS on the client side(server1) (like I have done in my test lab), then the Server2 doesn't receive anything on the input. I see traffic in the firewall over 12203 Logs on servers are showing no errors (though admittedly...I may not be looking in the right area) I assume I have not setup TLS correctly and the docs are a bit vague on that Any insight is appreciated Thanks TP On Wednesday, February 15, 2017 at 4:00:28 PM UTC-6, Tom Powers wrote: > > Hello, > > If I'm trying to troubleshoot why an output from a stream , being > forwarded to another graylog server, and the stream populates but the > receiving server shows nothing, which logs on the graylog boxes would I > check to see if I have an output or an input problem? > > Thanks > > TP > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/54ce3680-8daf-4a98-9c60-6843e685b460%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Troubleshooting logs
Hi Tom, please share all relevant details about your setup (configuration of the output, configuration of the receiving server, logs of both systems, etc.). See http://docs.graylog.org/en/2.2/pages/configuration/file_location.html for the correct file locations in your system. Cheers, Jochen On Wednesday, 15 February 2017 23:00:28 UTC+1, Tom Powers wrote: > > Hello, > > If I'm trying to troubleshoot why an output from a stream , being > forwarded to another graylog server, and the stream populates but the > receiving server shows nothing, which logs on the graylog boxes would I > check to see if I have an output or an input problem? > > Thanks > > TP > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/7511546b-a14a-46ff-a5fe-1b81133aae49%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
