[graylog2] Graylog stop sending messages to elasticsearch

2015-10-20 Thread Stefan Zahnd
Hi, I hope someone can give me a hint. After searching for two weeks now I cannot find the solution for my problem. Graylog stops sending messages to elasticsearch (throughput In: xxx / Out: 0). If I restart graylog messages are being sent to elasticsearch but not with the same performance as it

[graylog2] Graylog Web Interface Internal Server Error

2015-10-20 Thread Michel Laporte
Hi There, On the Graylog Web Interface, after a day or so, every time I click on "Sources" to try and view up to date log information, I get the following error: Could not load sources data Loading of sources data failed with status: Internal Server Error. Try reloading the page. However, on

[graylog2] grok pattern not working

2015-10-20 Thread Zsolt Osztrovszky
Hello Guys! I'd like to setup an extractor with Grok pattern. This is my sample message and pattern: 10.10.1.1 - - [13/Oct/2015:17:19:54 +0200] "GET //ed98/561/this.m3u8 HTTP/1.1" 200 388 "http://10.1.1.1/hls.php?o==2kV=BASE64; "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11)

[graylog2] Re: grok pattern not working

2015-10-20 Thread Jochen Schalanda
Hi Zsolt, did you add the required Grok patterns to your Graylog system? Cheers, Jochen On Tuesday, 20 October 2015 12:56:17 UTC+2, Zsolt Osztrovszky wrote: > > Hello Guys! > I'd like to setup an extractor with Grok pattern. > This is my sample message and pattern: > 10.10.1.1 - -

[graylog2] Re: Graylog Timestamp

2015-10-20 Thread William Davis
Bumping this thread. On Friday, October 9, 2015 at 8:46:17 AM UTC-4, William Davis wrote: > > Is the timestamp displayed on the search page the timestamp when Graylog > received the message or some timestamp contained within the message (like > when it was generated)? > > I have created a

Re: [graylog2] Re: setup ElasticSearch and Graylog

2015-10-20 Thread Jochen Schalanda
Hi Zsolt, depending on the operating system you've installed Graylog on you can either use the init script (Debian Wheezy, `service graylog-server restart`), the Upstart service (Ubuntu, `restart graylog-server`), or the systemd service (Debian Jessie, `systemctl restart graylog-server`) to

Re: [graylog2] Graylog Web Interface Internal Server Error

2015-10-20 Thread Edmundo Alvarez
Hi Michel, Could you please look into your ES and Graylog logs and share any errors that you see while loading the data? Regards, Edmundo > On 20 Oct 2015, at 10:49, Michel Laporte > wrote: > > Hi There, > > On the Graylog Web Interface, after a day or

[graylog2] Searching by timestamp range

2015-10-20 Thread Jesse Skrivseth
Hello everyone, Is there a way to do a search for all records with a timestamp that is outside normal business hours? I can't seem to do ranges on timestamps, ignoring the date.

[graylog2] Graylog stop sending messages to elasticsearch after adding extractor

2015-10-20 Thread Stefan Zahnd
Hi, I have the problem that right after adding a grok extractor to an input the system immediately stops sending messages to elasticsearch (out = 0). Has somebody had the same experience? My pattern looks like

[graylog2] Re: Searching by timestamp range

2015-10-20 Thread Jesse Skrivseth
I ended up writing a MessageFilter plugin that intercepts the messages and explodes the "timestamp" field into parts: private void explodeDateField(String field, Message message) { if (message.hasField(field)) { Object fieldValue = message.getField(field); if (fieldValue !=