[graylog2] Re: Error during log reading

HI Jochen, I don't find anything clear in my logs that could help me resolve the issue. Below is my log, can you please let me know if you find the error in that. [2016-03-23 15:15:31,692][WARN ][transport.netty ] [Erik Magnus Lehnsherr] exception caught on transport layer [[id:

[graylog2] Message's Source Address replaced by Load Balancer NAT'd IP

Hello, My company was fortunate to allow me testing this product on a high platform - 2 Solaris Sparc Nodes and 1 F5 Big-IP as Load Balancer Have anyone come to this already? Whenever the messages are routed into the path of the Load Balancer to the Nodes, the message are stripped of the

[graylog2] Re: Elasticsearch cluster error: shards unassigned

Hi Roberto, please refer to https://t37.net/how-to-fix-your-elasticsearch-cluster-stuck-in-initializing-shards-mode.html for an example how to fix the unassigned shards issue. Cheers, Jochen On Wednesday, 23 March 2016 15:08:20 UTC+1, roberto...@gmail.com wrote: > > Dear, I have Graylog

[graylog2] Re: Delete by Query (XDELETE) not works

Hi Steve, which version of Elasticsearch are you using and what's the exact reply of Elasticsearch when running your script? Cheers, Jochen On Wednesday, 23 March 2016 15:57:23 UTC+1, Steve Miller wrote: > > Hello > > I have this Bash-Script to delete messages for the ElasticSearch Server. > >

[graylog2] Delete by Query (XDELETE) not works

Hello I have this Bash-Script to delete messages for the ElasticSearch Server. #!/bin/sh FDATE=`date +"%F %H:%M:%S.000" --date="60 days ago"` TDATE=`date +"%F %H:%M:%S.000" --date="0 days ago"` RANGE='{ "query": { "filtered": { "query": { "query_string": { "query":

[graylog2] Re: Graylog search syntax misleading

Hi Holger, Graylog is currently utilizing Elasticsearch for indexing and querying log message which in turn utilizes Lucene as it's low-level search library. Thus, Graylog is currently limited to using the Lucene Query Syntax (see

[graylog2] Re: Messages marked as incomplete and leaving them unprocessed

Hi, how exactly are you sending messages from fluentd to Graylog? Could you share your fluentd and the Graylog input configuration? Cheers, Jochen On Tuesday, 22 March 2016 18:24:04 UTC+1, _harsha_ wrote: > > Don't think I'm the only one doing this but here's my setup - > > I'm running

[graylog2] Re: A lot of error on Graylog-web

Hi Scarlet, those messages are usually caused by clients (i. e. web browsers) whose session timed out (thus the 401 HTTP response status) but still have a tab with the Graylog web interface opened which tries to update the throughput metrics. They can usually be ignored. Cheers, Jochen On

[graylog2] Re: missing wizard

Hi Senthil, please refer to http://docs.graylog.org/en/1.3/pages/getting_started/create_dashboard.html for the documentation about how to add widgets/charts to dashboards in Graylog. Cheers, Jochen On Wednesday, 23 March 2016 11:14:17 UTC+1, senthil kumar wrote: > > The search results are

[graylog2] missing wizard

The search results are disaplying histogram and list format but wizards that would allow graphical presentation to be added to dashboard has disappered. - is this a setting somewhere that would reneable wizards on the search results screen. your help will be much appreciated. -- You received

[graylog2] Need help in scaling up my Graylog-elasticsearch-logstash setup

Hi All, My task is to have a centralized log analysis tool that can accommodate 500 GB of log files; and can search for anything within seconds from it. So, had a basic setup of Graylog with elasticsearch and logstash. To start, I tried reading one log file using logstash and stored it in