[graylog2] Graylog2 0.92.0 RC1 - Incorrect NodeID listed

Hi Folks, I've noticed an issue when getting metric information of a Node, the URL is formed with an incorrect node id when selecting the metric, as shown under System (node id). Where as the cor

[graylog2] Minor change to enable tab completion of Graylog2 services that were installed via a package

I recently installed the Graylog2 0.91.3-1 Debian package on Ubuntu 14.04.1. Being new to upstart, I was confused when tab-completion of the "service" command didn't list any Graylog options. I believe this is because Debian is expecting Upstart services to place a symbolic link inside the "/e

[graylog2] Re: Multiple rotation strategies

We like a kind of the same here, and the only way 4 now is multiple instances of gl2-web & server. As I understand it is work in progress. One possibility could be to configure more indexes in graylog2.conf, and then bind the input to the configured index. There are more advantages here in searc

[graylog2] Re: Error when accessing Import Extractors

Hi Josep, that's a bug in Graylog2 0.92.0-rc.1 which has been fixed and will be part of Graylog2 0.92.0. Cheers, Jochen Am Dienstag, 25. November 2014 17:28:52 UTC+1 schrieb Josep Maria Comas Serrano: > > Sorry, actually the error is: > > 2014-11-25 17:25:27,469 ERROR: > org.graylog2.plugin.

[graylog2] Re: Multiple rotation strategies

Hi Dimitri, multiple (or chained) message retention strategies are currently not possible with Graylog, so I'm afraid you'll have to set-up multiple instances to get different retention strategies for different messages. Cheers, Jochen Am Dienstag, 25. November 2014 15:18:57 UTC+1 schrieb Dmi

[graylog2] Re: High availability of graylog2 servers

Hi Martin, without going into detail on your actual question, there is a great blog series by Scott Pack about highly-available Graylog2 setups which you might want to take a look at. - http://secopsmonkey.com/migrating-graylog2-servers.html - http://secopsmonkey.com/migrating-graylog2-se

[graylog2] Re: graylog2 extractor - select first or second parenthesis

Hi Andrea, Am Dienstag, 25. November 2014 09:29:02 UTC+1 schrieb Andrea Consadori: > > "aaa (bbb) (ddd) " > > how can i create a regex that say take only the text in the second > parenthesis? > You can use a *non-capturing group* for this (see http://www.graylog2.org/resources/documentatio

[graylog2] Re: graylog2 extractor - select first or second parenthesis

Use split and cut with a "space" i think. You can configure this on your input. Op dinsdag 25 november 2014 09:29:02 UTC+1 schreef Andrea Consadori: > > Hi all, > if i've log like this > > "aaa (bbb) (ddd) " > > how can i create a regex that say take only the text in the second > parenthesi

[graylog2] Re: Alert condition if field message contains string or matches regex

To me it works, We are mailing to an smtp on port 25. It is standard transfer in graylog2.conf in the mail section we have hacked # everything that is not necessary. The alert has to be configured within the corespending field, configuring an stream alert is step one, configuring an email alert

[graylog2] graylog2 extractor - select first or second parenthesis

Hi all, if i've log like this "aaa (bbb) (ddd) " how can i create a regex that say take only the text in the second parenthesis? -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it

[graylog2] Load spikes and elevated CPU after upgrading from (0.90.1 ES:0.9) to (0.91.3 ES:1.3.4)

I've recently updated a Graylog2 setup as the title indicates, it's a single instance of server, web and elasticsearch. Following the upgrade, I started seeing high load spikes periodically as well as elevated CPU compared to the previous version. See the graphs - the upgrade happened at abou

[graylog2] Package repositories

Im syncing the repo locally with no issue using the reposync tool from spacewalk. -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.

[graylog2] Re: Clean install but not yet functional

Zookie, You had the same confusion I did after installing the packages. I didn't see any graglog2 files in /etc/init.d/, and tab-completion of the "service " command didn't list any graylog2 files either. I have since learned that the init scripts are located in "/etc/init/", which is the ne

[graylog2] Alert condition if field message contains string or matches regex

Hi, I have installed and configured graylog2 successfully and it looks great! Now i am trying to send an email, if in a stream the field message contains a string or matches a regex. For example, if the message contains the string "Accepted publickey for", send me an email. So I can get notifi

Re: [graylog2] Re: Installed using .deb, graylog2-web doesn't connect to graylog2-server

I have this same issue and I commented on the existing issue. Read here for more info: https://github.com/Graylog2/graylog2-server/issues/716 Tristan On Tuesday, November 11, 2014 10:28:30 AM UTC-7, Jochen Schalanda wrote: > > Hi Jeff, > > Am Montag, 10. November 2014 17:24:00 UTC+1 schrieb Je

[graylog2] High availability of graylog2 servers

Hi, We consider using graylog in our cloud infrastructure and I would like to ask about how it works if one node dies. Lets say, that I want to have at least two graylog2 servers in the infrastructure and I want the second one to be fully operational if the first one dies. By fully operational

[graylog2] Re: Error when accessing Import Extractors

Sorry, actually the error is: 2014-11-25 17:25:27,469 ERROR: org.graylog2.plugin.rest.AnyExceptionClassMapper - Unhandled exception in REST resource org.graylog2.cluster.NodeNotFoundException: Unable to find node 5470215ae4b0fd11ea0bc34c at org.graylog2.cluster.NodeServiceImpl.byNodeId(NodeServ

[graylog2] Error when accessing Import Extractors

After we've upgraded to 0.92 rc1, we're not able to access Import Extractors on any Input configured: Oops, an error occured This exception has been logged with id *6kakegjje*. The error on the console is: ERROR: org.graylog2.periodical.NodePingThread - Uncaught exception in periodical com

[graylog2] Multiple rotation strategies

Hi, Is it possible to have different rotation strategies for different logs? E.g. i want to have some logs for short-term storage and alerting. And some logs are needed for 1-2 years. Is it doable with single graylog-server instance or i need several? If it's doable with several graylog server

Re: [graylog2] Timestamp on UTC

OK great, Thanks JM 2014-11-25 12:45 GMT+01:00 Edmundo Alvarez : > Hi Josep Maria, > > Thank you for reporting this! > > We are aware of the issue and it will be fixed in the next 0.92 release. > Please take a look at this GitHub issue for more information: > https://github.com/Graylog2/graylog

Re: [graylog2] Timestamp on UTC

Hi Josep Maria, Thank you for reporting this! We are aware of the issue and it will be fixed in the next 0.92 release. Please take a look at this GitHub issue for more information: https://github.com/Graylog2/graylog2-web-interface/issues/979. Regards, Edmundo -- Developer Tel.: +49 (0)40 60

[graylog2] Timestamp on UTC

Working with 0.92.0 rc1, all charts, histograms, etc... correctly works with our local timezone. In fact, our Time Configuration is consistent in each piece of the system: User admin:2014-11-25 12:33:56.879 +01:00 Web browser: 2014-11-25 12:32:58.825 +01:00 Default JDK/JRE: 2014-11-25 12:33:

[graylog2] Re: nxlog tls GELF output?

Hi Mark, Am Dienstag, 25. November 2014 00:40:36 UTC+1 schrieb Mark Moorcroft: > > Are there instructions available to help me setup up a GELF input from > Windows nxlog with TLS enabled? > I'm not familiar with this particular setup but you should note that Graylog2 currently does not support

Re: [graylog2] Timestamp fixup

Hi Edmundo RC1 indeed fixes this issue, thanks a lot :) Looking forward to the next release. Regards Sandro On Monday, November 24, 2014 10:47:17 PM UTC+1, Edmundo Alvarez wrote: > > Hi Sandro, > > There is an issue with the “all messages” histogram visualisation in 0.90 > and 0.91 that migh

Re: [graylog2] Support for Elasticsearch 1.40

Fine! Any plan to release Graylog2 with ES 1.4.0 internally? Maybe in the next releases I suppose... Best, JM 2014-11-24 20:30 GMT+01:00 Jochen Schalanda : > Hi Josep, > > On 24.11.2014 13:30, Josep Maria Comas Serrano wrote: > > which leads Graylog2 to get into the elasticsearch cluster as 1.3