[graylog2] Can't get Graylog Appliance 2.0.2 to work with SSL and external IP address.

Hi everyone, Sorry if I bring this up again but I have read numbers of post in here trying to figure out whats is going in with my Graylog installation without any success. This is my context: - Operating System: Ubuntu 14.04 (clean install) - Graylog versión 2.0.2-1 (Using the appliance

[graylog2] large searches kill ES - can graylog stop this?

Hi there I just did a simple search on 30 days of data and managed to trigger the following ES error [2016-06-01 00:12:53,525][WARN ][indices.breaker.fielddata] [fielddata] New used memory 11273780309 [10.4gb] for data of [message] would be larger than configured breaker: 10857952051

[graylog2] Re: Graylog 2.x upgrade

Came across this: https://gist.github.com/markwalkom/8a7201e3f6ea4354ae06 third time's the charm? :) On Friday, May 27, 2016 at 4:43:18 PM UTC-4, Robert Hough wrote: > > Recently built a Graylog 2.x cluster, and that seems to be working fine. > I had some questions though, but right now the

[graylog2] Re: Graylog 2.x upgrade

21 views and no replies. Either this is the best kept secret in town, or everyone else is just as baffled as I am? :) So far I've tried using ElasticDump, The ElasticSearch Exporter and even tried using straight curl. I'm admittedly ignorant to most of these tools in terms of setup. I

[graylog2] Re: LDAP Error

Thanks I'll check on this in the morning and see if that clears up the issue. It isn't a huge concern as I plan to rebuild the stack once I've got everything as I like it, but just wanted to make sure it was something I could clear up later. On Friday, May 27, 2016 at 8:34:54 PM UTC-4,

[graylog2] Support for Ubuntu 16.04

Ubuntu 16.04 was officially released a little over a month ago. The deb download page shows that 12.04 and 14.04 are currently the only supported versions of Ubuntu, but I presume that eventually 16.04 will be added to that list. I would like to have an idea of when that package will be

[graylog2] Re: Graylog Email Callbacks - which fields/variables can I use?

Hi Dennis, you can only reference fields listed in http://docs.graylog.org/en/1.3/pages/streams.html#alert-callbacks-types-explained in your email template (scroll down a little bit). In your case, you would access the ad_username field of the message with ${message.fields.ad_username}.

[graylog2] Re: Why do graylog use strings instead of ES' dedicated field types for IP and geoip data?

Hi Daniel, the simple answer is that Graylog currently only supports fields of types string, number, and boolean. We might add support for other field types in the future. Feel free to subscribe to https://github.com/Graylog2/graylog2-server/issues/2113 to follow the progress regarding this

[graylog2] Re: Graylog2/graylog-plugin-snmp - how to set the SNMPTrap community string

Hi Chris, the community target is currently hard-coded in the SNMP plugin but feel free to add a feature request at https://github.com/Graylog2/graylog-plugin-snmp/issues. Cheers, Jochen On Tuesday, 31 May 2016 15:11:54 UTC+2, brooklynn...@gmail.com wrote: > > Hi, > > > i try to use the

Re: [graylog2] Re: Graylog Error Logging and Disk Space

Done, thank you. The github issue link is https://github.com/Graylog2/omnibus-graylog2/issues/29. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

Re: [graylog2] After 2.0.2 update Web console page footer says "2.0.1"

Hi Joe, "graylog-server" is the wrong package for the virtual machine and Docker images. Cheers, Jochen On Tuesday, 31 May 2016 15:22:33 UTC+2, Joe K wrote: > > Yes I followed that page instructions. And you can see in my log it's > "2.0.2" being installed: > > Preparing to unpack

Re: [graylog2] After 2.0.2 update Web console page footer says "2.0.1"

Did you update and restarted all nodes in your cluster? The version is properly displayed in a couple of setups I was checking. Edmundo > On 31 May 2016, at 15:22, Joe K wrote: > > Yes I followed that page instructions. And you can see in my log it's "2.0.2" > being

Re: [graylog2] Re: Graylog Error Logging and Disk Space

Hi, could you put all the informations in a ticket please: https://github.com/Graylog2/omnibus-graylog2/issues I have to review that later. Thanks, Marius On 31 May 2016 at 15:09, David Gerdeman wrote: > I had to wait for it to fail again. It looks like it failed on

Re: [graylog2] After 2.0.2 update Web console page footer says "2.0.1"

Yes I followed that page instructions. And you can see in my log it's "2.0.2" being installed: Preparing to unpack .../graylog-server_2.0.2-1_all.deb ... Unpacking graylog-server (2.0.2-1) ... Processing triggers for ureadahead (0.100.0-16) ... Setting up graylog-server (2.0.2-1) ... On

[graylog2] Graylog2/graylog-plugin-snmp - how to set the SNMPTrap community string

Hi, i try to use the SNMPTrap input from here: https://github.com/Graylog2/graylog-plugin-snmp It is working well but only with the community string "public". Does anybody know how/where it is possible to set the community string? The only settings are shown here:

Re: [graylog2] Re: Graylog Error Logging and Disk Space

I had to wait for it to fail again. It looks like it failed on May 30th. In the /var/log/graylog/elasticsearch folder the graylog.log. files for May 25-29 are all about 400K. The log file for May 30th is 2.1GB and the disk of the virtual appliance is at 100% utilization. Also, the last

Re: [graylog2] Re: Why AWS Load balancer in front of graylog-server is redirecting traffic to internal instance on 12900

Thank you very much for the resolution. On Sat, May 28, 2016 at 12:54 AM, Bryan Shell wrote: > This is covered in the documentation here: > >

Re: [graylog2] After 2.0.2 update Web console page footer says "2.0.1"

Hi Joe, judging from your other emails to the mailing list, you've simply installed the wrong DEB package. Please use the upgrade instructions here: http://docs.graylog.org/en/2.0/pages/installation/graylog_ctl.html#upgrade-graylog Cheers, Jochen On Monday, 30 May 2016 21:49:07 UTC+2, Joe K