[graylog2] Re: graylog Could not connect to Elasticsearch

graylog vesrsion: 1.2 elasticsearch 1.7.3 On Friday, January 8, 2016 at 1:16:40 PM UTC+5:30, Aman Kumar wrote: > > Hi, > > I am using below setup: > Two vagrant boxes for elastic search* 192.168.33.10,192.168.33.11* > they have started fine: > > curl -XGET 'http://192.168.33.10:9200/_cluster/heal

[graylog2] graylog Could not connect to Elasticsearch

Hi, I am using below setup: Two vagrant boxes for elastic search* 192.168.33.10,192.168.33.11* they have started fine: curl -XGET 'http://192.168.33.10:9200/_cluster/health?pretty=true' { "cluster_name" : "graylog-production", "status" : "green", "timed_out" : false, "number_of_node

[graylog2] Increase the number of items the displays in Quick values in the widget

Hi, When we use the Quick values in the widget, it displays only about 50 items in the value the rest of the details are not shown, when the search query is changed ignoring few patterns of the current values, we get to see the rest of the missing items. https://github.com/Graylog2/graylog2-

Re: [graylog2] Re: How to change login screen and UI

Hi, I got source code from here graylog2 web interface http://docs.graylog.org/en/1.3/pages/installation/manual_setup.html#graylog-web-interface-on-linux for details.> (graylog2 release). || Simply add the relevant data to the configuration file of the web interface, see http://docs.graylog

[graylog2] Re: grok and subpatterns

Hi Alex, see https://github.com/Graylog2/graylog2-server/issues/1486 for a related bug report. Cheers, Jochen On Thursday, 7 January 2016 16:22:06 UTC+1, Alex B. wrote: > > Problem remains using graylog 1.3.2 > -- You received this message because you are subscribed to the Google Groups "Gra

[graylog2] Re: grok and date conversion problem

I'm using graylog 1.3.2 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https:/

[graylog2] Re: grok and subpatterns

Problem remains using graylog 1.3.2 -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web vi

[graylog2] Re: Cant find Regex command for extractor

Hello, Hope this message to be displayed correctly :] You can try : categoryname="[a-zA-Z \/]+" or (?m)categoryname="([a-zA-Z \/]+)" regards Le jeudi 7 janvier 2016 14:59:45 UTC+1, toni.fro...@scaltel.de a écrit : > > Hello! > > We are new at Graylog and would like to discover several functio

[graylog2] Re: Cant find Regex command for extractor

you can try: categoryname="[a-zA-Z \/]+" or (?m)categoryname="([a-zA-Z \/]+)" regards Le jeudi 7 janvier 2016 14:59:45 UTC+1, toni.fro...@scaltel.de a écrit : > > Hello! > > We are new at Graylog and would like to discover several functionality of > it, for that reason we had to extract specif

Re: [graylog2] Re: How to change login screen and UI

Thanks, Thuong On Thu, Jan 7, 2016 at 6:43 PM, Jochen Schalanda wrote: > Hi, > > I have got source code here graylog2 web interface >> >> . >> > > This is the web interface for the upcoming Graylog 2.0.0 release. I

[graylog2] Re: Concatenating Fields or Charting two fields

When selecting the field of your message choose create extractor for field message -> replace with regular expression in regular expression you can for instance try User: or something like (User:|,VirusFound:(Yes|No)) and in replacement "" only attempt if field matches regular expression: Use

Re: [graylog2] Re: Concatenating Fields or Charting two fields

Thanks for the Reply , I Am not aware of a Replace extractor , how do you do that? On Thu, Jan 7, 2016 at 2:44 PM, kaiser wrote: > Hello, > > To do that I guess I would make a first copy of the log into another field. > Then I would use several replace extractors to replace "user:" with empty >

[graylog2] Re: Concatenating Fields or Charting two fields

Hello, To do that I guess I would make a first copy of the log into another field. Then I would use several replace extractors to replace "user:" with empty string, ",Machine:" with | and ",VirusFound:(true|false)" with empty string. I would also add the condition that the log would contain user

[graylog2] Alert email Callback link returns no result

Hello, I have set some email alert callback in graylog. When the email is received there is a link refering to the event in the related stream. When I click on this link it returns no results. Nevertheless when manually searching on the stream the event can be found. Any idea on this problem?

[graylog2] Re: Log location

Hi Phil, the size of the files in the Elasticsearch data directory depends on the amount of data indexed by Elasticsearch. If you only changed the data.path setting and didn't copy the old index files, the data directory will only contain documents indexed from that time on. Cheers, Jochen O

[graylog2] Re: How to change login screen and UI

Hi, On Thursday, 7 January 2016 10:16:00 UTC+1, thuon...@gmail.com wrote: > > I have been customizing own version of web interface,now I want to > override this own version on my server(I installed graylog2 on it).How can > I do it? > Well, just install your customized web interface on your ser

[graylog2] Re: How to change login screen and UI

Hi, I have been customizing own version of web interface,now I want to override this own version on my server(I installed graylog2 on it).How can I do it? Thanks, -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group

[graylog2] Re: How to change login screen and UI

Hi, I have been customizing own version of web interface,now I want to override this own version on my server(I installed graylog2 on it).How can I do it? Thanks, On Tuesday, November 17, 2015 at 3:23:17 PM UTC+7, Scarlet Eza wrote: > > Dear Jochen, > Thanks for this. > > On Monday, November 16,

Re: Re: [graylog2] Re: How many clients does a single graylog-server can serve in parallel?

Hi Henrik, Thanks for your explanation! Now I am playing around the "inputs" of graylog and have a question: Suppose now I am gathering logs from 100 nodes, I have 2 plans: 1) setup only 1 Input of type plain text to serve all 100 nodes 2) setup ex