Re: [graylog2] After 2.0.2 update Web console page footer says "2.0.1"

2016-05-30 Thread Joe K
Of course it was refreshed. Cleared browser cache and everything. "2.0.1" comes from the server. On Monday, May 30, 2016 at 6:19:15 PM UTC+3, Edmundo Alvarez wrote: > > Hi Joe, > > Please also remember to refresh the Graylog web interface tab after > upgrading, as the whole web interface lives

[graylog2] Re: [Graylog node] Hitman node

2016-05-30 Thread Jochen Schalanda
Hi, that's simply the randomly chosen name of the Elasticsearch node running on your system. See https://www.elastic.co/guide/en/elasticsearch/reference/2.3/setup-configuration.html#node-name for details. Cheers, Jochen On Monday, 30 May 2016 17:17:55 UTC+2, kaiser wrote: > > Hello, > > I

Re: [graylog2] After 2.0.2 update Web console page footer says "2.0.1"

2016-05-30 Thread Edmundo Alvarez
Hi Joe, Please also remember to refresh the Graylog web interface tab after upgrading, as the whole web interface lives in your browser now. Regards, Edmundo > On 30 May 2016, at 17:06, Jochen Schalanda wrote: > > Hi Joe, > > Graylog 2.0.2 should show the following

[graylog2] Re: After 2.0.2 update Web console page footer says "2.0.1"

2016-05-30 Thread Jochen Schalanda
Hi Joe, Graylog 2.0.2 should show the following version in the footer of the Graylog web interface: Graylog 2.0.2 (4da1379) From the output you've posted it looks as if you've installed the "graylog-server" package for the first time (it's marked as NEW). Are you sure that you've been using

[graylog2] After 2.0.2 update Web console page footer says "2.0.1"

2016-05-30 Thread Joe K
Following instructions on http://docs.graylog.org/en/2.0/pages/installation/operating_system_packages.html Installed 2.0.2 but in web console page footer it says: Graylog 2.0.1 (81e0187) on graylog (Oracle Corporation 1.8.0_77 on Linux 3.13.0-85-generic) Is this expected?

[graylog2] 2.0 image: Every time I perform graylog-ctl restart, four more unassigned shards appear

2016-05-30 Thread Joe K
Every time we perform graylog-ctl restart four more unassigned shards appear: Elasticsearch cluster is yellow. Shards: 20 active, 0 initializing, 0 relocating, 8 unassigned graylog-ctl restart Elasticsearch cluster is yellow. Shards: 20 active, 0 initializing, 0 relocating, 12 unassigned

Re: [graylog2] How to deal with "Uncommited messages deleted from journal"?

2016-05-30 Thread Jan Doberstein
Hej Joe, the main problem is - we can’t decide if it is ok for you that you lost some messages or not. If losing messages is fine for you just let it run. If you want to keep all messages your application and server send over to graylog you should check your elasticsearch cluster. This is what

[graylog2] Oracle Audit Extended Log with Graylog

2016-05-30 Thread Yasar Ozkul
Hi, I'm trying to integrate oracle DB with Graylog2. I got a problem with this integration. To make this integration you need to open audit os trail option in Oracle database. When you done it, DB send all of logs to syslog then I can receive this logs to Graylog2, there is no problem. But

[graylog2] Oracle Audit Extended Log with Os Level

2016-05-30 Thread Yasar Ozkul
Hi, I'm trying to integrate oracle DB and Graylog2 and I got a problem with this integration. To make this integration you need to open audit trail option to OS level in Oracle database. When you done it, DB send all of logs to syslog then I can receive this logs to Graylog2. But in Oracle

[graylog2] Oracle Extended Log

2016-05-30 Thread Yasar Ozkul
Hi, I have got oracle database and I set audit_trail option to os in my Oracle database. I can receive oracle logs from Graylog 2 there is no problem. What I want receive extended log from Oracle DB. But OracleDB only support extended log with xml file or db, not os. Due to this problem I

Re: [graylog2] graylog-server 2.0.1 not working through reverse proxy

2016-05-30 Thread Martin René Mortensen
Thank you, but you might want to revise that. localhost isn't enough, you need to be able to specify normal proxy exclusions, like .domain. If you have multiple graylog servers they should not use proxy to communicate. Brgds. Martin On Monday, 30 May 2016 14:30:02 UTC+2, Dennis Oelkers wrote:

Re: [graylog2] graylog-server 2.0.1 not working through reverse proxy

2016-05-30 Thread Dennis Oelkers
Hey Martin, we have now implemented a function to disable the proxy for requests going to localhost. It is already merged and will be included in the next release of Graylog. Thanks for your support, D. > On 27.05.2016, at 12:19, Dennis Oelkers wrote: > >> On

[graylog2] Re: ldap or active directory settings not stored

2016-05-30 Thread Leittechnik SUN
Hi Jochen, I installed one of the GUI Admin tools (MongoVue). Perfect. In Collections, ldap_settings, I found 4 lines of settings. I delete all of them and configured ldap through web-gui. Now it works. Wolfgang On Monday, 30 May 2016 11:39:38 UTC+2, Jochen Schalanda wrote: > > Hi Wolfgang, >

Re: [graylog2] How to deal with "Uncommited messages deleted from journal"?

2016-05-30 Thread Joe K
My Setup is very straightforward - Installed Graylog 2.0 EC2 image on amazon AWS. Graylog image is all-in-one image with Elasticsearch and Graylog server. When I asked previously in this forum if this a Graylog -specific problem I got no response. So I am asking as if it's not specific to Image.

[graylog2] Re: Regex Use in Pipeline Rule

2016-05-30 Thread Jochen Schalanda
Hi Chad, if you're simply looking for "SomeProc" inside the "message" field, why not use the contains() function? Why would that be more cumbersome? Cheers, Jochen On Wednesday, 25 May 2016 23:18:20 UTC+2, Chad Sheets wrote: > > I'm attempting to drop messages according to regular expressions

[graylog2] Re: ldap or active directory settings not stored

2016-05-30 Thread Jochen Schalanda
Hi Wolfgang, please take a look at these chapters from the MongoDB documentation: - https://docs.mongodb.com/getting-started/shell/client/ - https://docs.mongodb.com/manual/mongo/ - https://docs.mongodb.com/manual/reference/method/db.collection.find/ - e. g.

[graylog2] Re: Drools rule file reload

2016-05-30 Thread Jochen Schalanda
Hi Miro, you can use the Graylog REST API to add/remove/modify rules and pipelines, that's what the Graylog web interface is doing too. Cheers, Jochen On Thursday, 26 May 2016 10:58:04 UTC+2, Miro K wrote: > > Hi Jochen, > > thanks a lot for your answer. It seems pipelines/rules can do the

[graylog2] Re: LDAP Error

2016-05-30 Thread Jochen Schalanda
Hi Robert, please try deleting the "user_redacted" user (either in the web interface on the System -> Users page or in MongoDB in the "users" collection). Cheers, Jochen On Saturday, 28 May 2016 02:34:54 UTC+2, Robert Hough wrote: > > 2016-05-28T00:28:12.333Z ERROR [LdapUserAuthenticator]

[graylog2] Re: Where does Chef keep the Web-Interface URI list?

2016-05-30 Thread Marius Sturm
Hi, the list of involved hosts in the cluster is stored and distributed via Etcd. It's organized like a directory tree, so you can do: '/opt/graylog/embedded/bin/etcdctl ls' or '/opt/graylog/embedded/bin/etcdctl ls servers' to see all graylog servers. To delete an entry use the rm command:

Re: [graylog2] streams error

2016-05-30 Thread Jochen Schalanda
Hi, you can configure the email transport settings in the AMI using the graylog-ctl script and the set-email-config command (see http://docs.graylog.org/en/2.0/pages/installation/graylog_ctl.html#configuration-commands for details). Cheers, Jochen On Friday, 27 May 2016 11:32:43 UTC+2, rvb

[graylog2] Re: Cannot get Messages with offset < 10000 via api

2016-05-30 Thread Lukas Fenner
Hi Dennis, I've opened the issue: https://github.com/Graylog2/graylog2-server/issues/2306 Thank you Lukas On Monday, 30 May 2016 10:46:59 UTC+2, Lukas Fenner wrote: > > Hello All, > > I'm running on Graylog Server 2.0.2 with ES 2.3.3. > > When I try to get 5 Messages with offset 1 it fails

Re: [graylog2] Permissions On Inputs

2016-05-30 Thread Dennis Oelkers
Hey Todd, what you can do at the moment is that you define streams for each input (adding rules so that only the messages of this input are routed into the stream) and then define the users to be readers for the corresponding streams. Kr, D. > On 27.05.2016, at 17:22, Todd Bryant

Re: [graylog2] Alerts not getting triggered Graylog v2.0.1

2016-05-30 Thread Dennis Oelkers
Hey Rakesh, thanks for contacting us. Could you please provide a short overview over the rules you have configured for your stream and the alert conditions which are not triggered after a while? Do you see anything in your server log? Kr, D. > On 30.05.2016, at 10:42, Rakesh R

Re: [graylog2] Cannot get Messages with offset < 10000 via api

2016-05-30 Thread Dennis Oelkers
Hey Lukas, thanks for reporting this. Could you please open an issue on github for this? (https://github.com/Graylog2/graylog2-server/issues/new) We will investigate if this is a bug and possibly provide a fix for this. Kr, D. > On 30.05.2016, at 10:46, Lukas Fenner

Re: [graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread Marius Sturm
Hi Sanhegi, do you see any errors in the nxlog_stdout/stderr files under /var/log/graylog/collector-sidecar? It could be that you started nxlog on port 514 and there is another syslog already listening or something like that? Are you sure that the firewall syslog messages can be processed by

Re: [graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread sangh
Hi, I didn't want to use a file as input. When I choose udp as input in the graylog web interface, I supposed I will get all the udp log from 0.0.0.0 On Monday, 30 May 2016 10:22:07 UTC+2, Jochen Schalanda wrote: > > Hi, > > the firewall logs are probably written to a different file. nxlog

[graylog2] Alerts not getting triggered Graylog v2.0.1

2016-05-30 Thread Rakesh R
Hi, Graylog is setup properly and there seems to be some issue with the alerts being triggered. Test mails are working fine. The alerts are triggered from the streams when the server is restarted and after some time the alerts are not triggered. I have checked the configuration and

Re: [graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread sangh
Hi, I have two network. If I send directly from syslog I might lose some log when the network goes down On Monday, 30 May 2016 10:21:51 UTC+2, Jan Doberstein wrote: > > Hello Person with no name, > > > On 30 May 2016 at 09:55:38, sangh (sanhegi.manel=40gmail.com) wrote: > > the log of

[graylog2] Re: graylog-ctl set-email-config [--port= --user= --password=]

2016-05-30 Thread Jochen Schalanda
Hi, you're missing a blank between --port and 587. Cheers, Jochen On Thursday, 26 May 2016 12:53:53 UTC+2, rvb n wrote: > > This command showing the attached error. pls help > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe

[graylog2] Re: unable to send email alert

2016-05-30 Thread Jochen Schalanda
Hi, what's your current configuration for the email transport? Cheers, Jochen On Thursday, 26 May 2016 15:14:43 UTC+2, rvb n wrote: > > > Hi > > Please find the attachment. I am getting this error while send test mail > pls advice > > On Thursday, May 26, 2016 at 2:21:17 PM UTC+5:30, rvb n

[graylog2] Re: ldap or active directory settings not stored

2016-05-30 Thread Leittechnik SUN
Hi Jochen, I'm not trained with mongodb, so what have I to do for looking, changing or deleting "ldap_settings" collection in mongodb? Searched in graylog help, but can't find anything. Wolfgang On Wednesday, 25 May 2016 07:48:44 UTC+2, Leittechnik SUN wrote: > > hi, > after upgrading from

Re: [graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread Jochen Schalanda
Hi, the firewall logs are probably written to a different file. nxlog simply follows text files and sends their contents to Graylog, so you need to add the log file containing the firewall logs to the nxlog configuration. Cheers, Jochen On Monday, 30 May 2016 09:55:36 UTC+2, sangh wrote: > >

Re: [graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread Jan Doberstein
Hello Person with no name, On 30 May 2016 at 09:55:38, sangh (sanhegi.manel=40gmail.com) wrote: > the log of the firewall i send them to Machine A. > I install on Machine A nxlog and collector side car you know that you can send in syslog direct to graylog, or?

Re: [graylog2] How to limit size of log injected/collected into graylog ?

2016-05-30 Thread Jan Doberstein
Hej, On 30 May 2016 at 00:53:15, Nevalystha Pingkan Dumanauw (nevalystha...@gmail.com) wrote: > I am new in Graylog. Actually, my company is planning to use Graylog as a > log management system. We have installed it in our server, but when we run > it, Graylog has consumed the server's CPU &

Re: [graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread sangh
the log of the firewall i send them to Machine A. I install on Machine A nxlog and collector side car On graylog Web interface, i configure input so i can get log of 0.0.0.0. However i don't receive the firewall log on the graylog server i do receive them on machine A but they are not sent to

Re: [graylog2] How to purge LOG on graylog ova 2.0? and How extend root partition?

2016-05-30 Thread Jan Doberstein
Hej, you can / need to set the indices rotation in the web interface to have log rotation. How you can extend your root partition? It depends on your Setup and used Software. But, please follow point 3.1.1 of RFC1855 (https://tools.ietf.org/html/rfc1855) thank you Jan Am 30. Mai 2016 um

Re: [graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread Jan Doberstein
Hej, sorry can you please write your question in other words? I did not get it. thx Jan On 30 May 2016 at 09:33:06, sangh (sanhegi.ma...@gmail.com) wrote: > I am using collector side car on linux i can get the machine log however i > don't for the firewall log that i forward to my Nxlog

[graylog2] collector side car + nxlog doesnt forward firewall log

2016-05-30 Thread sangh
I am using collector side car on linux i can get the machine log however i don't for the firewall log that i forward to my Nxlog machine ??

[graylog2] Re: specially chars for admin password not allowed ?

2016-05-30 Thread Leittechnik SUN
ok, really simple, I'm able to set the password now. And after setting the new password is it necessary to do: graylog-ctl reconfigure.. ? thanks On Wednesday, 25 May 2016 08:16:58 UTC+2, Leittechnik SUN wrote: > > hi, > i want to change the admin password to some strong password. i tried to >