[graylog2] Re: geolocation

2016-10-26 Thread manimaran 
Hi,

Please suggest any solution for  the last post..





On Tuesday, October 18, 2016 at 1:59:20 PM UTC+5:30, mani...@qrsolutions.in 
wrote:
>
> Hi Folks,
>
> I need some help regarding geolocation (world map ) in graylog by using 
> the Pfsense logs. 
>
> While I am trying to create a map it shows the error that (Map widget is 
> only available for fields containing geo data).
>  
>
>
> Thanks and Regards,
> Manimaran
> Cell: +919962626220
>

-- 


**Disclaimer**

"This email and any attachments are confidential and are for the intended 
addressee[s] only. Unauthorised use of this communication is prohibited. If 
you have received this communication in error, please notify the sender and 
remove them from your system. Confidentiality is not waived or lost by 
reason of the mistaken delivery to you. Please scan this email and any 
attachment(s) for viruses. It is your responsibility to check them before 
opening"

End of Disclaimer*

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/b09c8e53-18c7-40c9-8407-93e63cf5e0d4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-24 Thread manimaran 


Hi, 

Thank's all. finally I fixed that DB issue by using updated DB from max 
mind :-) :-).

And finally I have one query. it is possible to display geo-values along 
with IP's in map???


*once again thank's for your support folks. *



On Tuesday, October 18, 2016 at 1:59:20 PM UTC+5:30, mani...@qrsolutions.in 
wrote:
>
> Hi Folks,
>
> I need some help regarding geolocation (world map ) in graylog by using 
> the Pfsense logs. 
>
> While I am trying to create a map it shows the error that (Map widget is 
> only available for fields containing geo data).
>  
>
>
> Thanks and Regards,
> Manimaran
> Cell: +919962626220
>

-- 


**Disclaimer**

"This email and any attachments are confidential and are for the intended 
addressee[s] only. Unauthorised use of this communication is prohibited. If 
you have received this communication in error, please notify the sender and 
remove them from your system. Confidentiality is not waived or lost by 
reason of the mistaken delivery to you. Please scan this email and any 
attachment(s) for viruses. It is your responsibility to check them before 
opening"

End of Disclaimer*

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/140b1553-0d1e-4f4e-8ac7-30b9917c1cac%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-22 Thread Jochen Schalanda 
Hi,

did you save the MaxMind GeoIP data base to /opt/Geo-DB/GeoLite2-City.mmdb 
and is it readable for the system user running Graylog?

Cheers,
Jochen

On Saturday, 22 October 2016 05:58:50 UTC+2, mani...@qrsolutions.in wrote:
>
> Hi,
>
> Thanks for your patients, finally I found the issue 
>
> in my graylog-server log I found that below error. could you please help 
> he to fix it out.
>
> *(2016-10-17T18:57:01.965+11:00 ERROR [GeoIpResolverEngine] Could not open 
> GeoIP database /opt/Geo-DB/GeoLite2-City.mmdb*
> *com.maxmind.db.InvalidDatabaseException: Could not find a MaxMind DB 
> metadata marker in this file (GeoLite2-City.mmdb). Is this a valid MaxMind 
> DB file?*
> *at com.maxmind.db.Reader.findMetadataStart(Reader.java:278) 
> ~[?:?])*
>
> On Tuesday, October 18, 2016 at 1:59:20 PM UTC+5:30, 
> mani...@qrsolutions.in wrote:
>>
>> Hi Folks,
>>
>> I need some help regarding geolocation (world map ) in graylog by using 
>> the Pfsense logs. 
>>
>> While I am trying to create a map it shows the error that (Map widget is 
>> only available for fields containing geo data).
>>  
>>
>>
>> Thanks and Regards,
>> Manimaran
>> Cell: +919962626220
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/2bab093d-8934-449d-948c-2ad4619af615%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-21 Thread manimaran 
Hi,

Thanks for your patients, finally I found the issue 

in my graylog-server log I found that below error. could you please help he 
to fix it out.

*(2016-10-17T18:57:01.965+11:00 ERROR [GeoIpResolverEngine] Could not open 
GeoIP database /opt/Geo-DB/GeoLite2-City.mmdb*
*com.maxmind.db.InvalidDatabaseException: Could not find a MaxMind DB 
metadata marker in this file (GeoLite2-City.mmdb). Is this a valid MaxMind 
DB file?*
*at com.maxmind.db.Reader.findMetadataStart(Reader.java:278) 
~[?:?])*

On Tuesday, October 18, 2016 at 1:59:20 PM UTC+5:30, mani...@qrsolutions.in 
wrote:
>
> Hi Folks,
>
> I need some help regarding geolocation (world map ) in graylog by using 
> the Pfsense logs. 
>
> While I am trying to create a map it shows the error that (Map widget is 
> only available for fields containing geo data).
>  
>
>
> Thanks and Regards,
> Manimaran
> Cell: +919962626220
>

-- 


**Disclaimer**

"This email and any attachments are confidential and are for the intended 
addressee[s] only. Unauthorised use of this communication is prohibited. If 
you have received this communication in error, please notify the sender and 
remove them from your system. Confidentiality is not waived or lost by 
reason of the mistaken delivery to you. Please scan this email and any 
attachment(s) for viruses. It is your responsibility to check them before 
opening"

End of Disclaimer*

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/c8d051a4-54f2-4dce-a51b-641394d595cf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-19 Thread Jochen Schalanda 
Hi,

On Wednesday, 19 October 2016 10:17:59 UTC+2, mani...@qrsolutions.in wrote:
>
> And now only I notice that Pfsense log doesn't contain any (log/lat) geo 
> values. It is possible to create map without geo values??
>

No, that's not possible and that's exactly what the GeoIP Processor is for.

Please read http://docs.graylog.org/en/2.1/pages/geolocation.html for 
details and setup instructions.

Cheers,
Jochen

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/0a6c6df5-0285-4644-a272-83ae17332223%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-19 Thread manimaran 

Hi,

Please find the details below.

And now only I notice that Pfsense log doesn't contain any (log/lat) geo 
values. It is possible to create map without geo values??




 


On Wednesday, October 19, 2016 at 9:44:26 AM UTC+5:30, Aykisn wrote:
>
> Did you do every steps of the documentation about this ?
> Is there a pfsense_filter_sourceip_geolocation field in your list of 
> fields ?
>

-- 


**Disclaimer**

"This email and any attachments are confidential and are for the intended 
addressee[s] only. Unauthorised use of this communication is prohibited. If 
you have received this communication in error, please notify the sender and 
remove them from your system. Confidentiality is not waived or lost by 
reason of the mistaken delivery to you. Please scan this email and any 
attachment(s) for viruses. It is your responsibility to check them before 
opening"

End of Disclaimer*

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/3b191c7b-d488-42bf-a0fc-f1115fc93b7d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-18 Thread Aykisn 
Did you do every steps of the documentation about this ?
Is there a pfsense_filter_sourceip_geolocation field in your list of fields 
?

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/3552e67f-e665-4188-91bf-008f4be18736%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-18 Thread Jochen Schalanda 
Hi,

please provide a complete example message and attach the configuration of 
the GeoIP resolver you're using.

Cheers,
Jochen

On Tuesday, 18 October 2016 13:08:02 UTC+2, mani...@qrsolutions.in wrote:
>
>
> Hi Jochen,
>
> what kind of data do you want to show on the map?
>
> *I want to see the longitude and latitude (location) of the IP's.*
>
> What's the exact content of the message field you're using?
>
> *The exact content input was UDP Syslog and message field was 
> source pfsense_filter_sourceip (x.x.x.x) contain IP's.*
>
> And I went through the link which you shared early.
>
> Thanks 
> Manimaran N
>
>
>
>
>
>
> On Tuesday, October 18, 2016 at 3:48:50 PM UTC+5:30, Jochen Schalanda 
> wrote:
>>
>> Hi,
>>
>> what kind of data do you want to show on the map?
>>
>> What's the exact content of the message field you're using?
>>
>> Also see http://docs.graylog.org/en/2.1/pages/geolocation.html for more 
>> details.
>>
>> Cheers,
>> Jochen
>>
>> On Tuesday, 18 October 2016 10:29:20 UTC+2, mani...@qrsolutions.in wrote:
>>>
>>> Hi Folks,
>>>
>>> I need some help regarding geolocation (world map ) in graylog by using 
>>> the Pfsense logs. 
>>>
>>> While I am trying to create a map it shows the error that (Map widget is 
>>> only available for fields containing geo data).
>>>  
>>>
>>>
>>> Thanks and Regards,
>>> Manimaran
>>> Cell: +919962626220
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/3d8cb8d2-fd93-447e-8935-a3900fd5452c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: geolocation

2016-10-18 Thread Jochen Schalanda 
Hi,

what kind of data do you want to show on the map?

What's the exact content of the message field you're using?

Also see http://docs.graylog.org/en/2.1/pages/geolocation.html for more 
details.

Cheers,
Jochen

On Tuesday, 18 October 2016 10:29:20 UTC+2, mani...@qrsolutions.in wrote:
>
> Hi Folks,
>
> I need some help regarding geolocation (world map ) in graylog by using 
> the Pfsense logs. 
>
> While I am trying to create a map it shows the error that (Map widget is 
> only available for fields containing geo data).
>  
>
>
> Thanks and Regards,
> Manimaran
> Cell: +919962626220
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/d42de3bb-56e9-4811-abff-7bb39819ef21%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: geolocation problem

2016-09-20 Thread Aykisn 
Hi,

That's not how it works.
You need to create an extrator that will catch the ip address in those 
messages, and make a field of it. Only then will the GeoIp resolver convert 
find the geolocation of that ip, and automatcally create a new field named 
"your_ip_field_geolocation", and you will be able to visualize a map out of 
this field.

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/c9a0d071-3a10-4368-a3ba-00847325afab%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: geolocation problem

2016-09-20 Thread Jochen Schalanda 
Hi Tony,

please answer the questions from my last post:

what field do you try to graph on the map widget and what are the contents 
> of that field?
>

Ideally, include some example messages.

Cheers,
Jochen 

On Tuesday, 20 September 2016 16:46:51 UTC+2, Tony wrote:
>
> Ho Jochen,
> I had tried all fields with the same error. The file is the classic 
> apache2 access.log file.
>
> Thanks
>
> Tony
>
> 2016-09-19 8:48 GMT+01:00 Jochen Schalanda:
>
>> Hi Tony,
>>
>> what field do you try to graph on the map widget and what are the 
>> contents of that field?
>>
>> Also make sure to read 
>> http://docs.graylog.org/en/2.1/pages/geolocation.html and the FAQ 
>> section at the end.
>>
>> Cheers,
>> Jochen
>>
>> On Saturday, 17 September 2016 14:23:49 UTC+2, Tony wrote:
>>>
>>> Hi All,
>>> I have some trouble with the geoloc feature in Graylog with apache2 log 
>>> files. When I click on World map got the error in the picture. I had 
>>> already installed the city DB and GeoIP resolver is in the last position. I 
>>> run Graylog 2.1 + Collector-sidecar and Nxlog. Any suggestion?
>>>
>>> Thanks in advance
>>> Tony
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/51d38fa7-cc62-49f4-83c2-f721f3bb44f3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.