[graylog2] Re: Elasticsearch cluster unhealthy (RED)

Hi everyone, Anyone can give a hand on this? On Wednesday, June 22, 2016 at 11:00:56 PM UTC+8, Arief Hydayat wrote: > > Hi Jochen, > > Hm.. OK. Then how could I make sure that there are no unassigned shards or > replicas in the Elasticsearch? Could you please assist me? > > On Tuesday, June 21,

[graylog2] Re: Graylog Does not work on AWS

Why is it that the server cannot access the public address? what is the value of *rest_listen_uri* in */opt/graylog/conf/graylog.conf* have you tried binding to 0.0.0.0:12900 what is the value of *proxy_set_header X-Graylog-Server-URL* in */opt/graylog/conf/nginx/nginx.conf* Is it $host or

Re: [graylog2] Graylog 2.x with separate UI servers?

Thank you for the draft. That is what I was going for unless there would have been any other options. Based on the draft I have another question: Does the Graylog-Master needs to be on one of the UI-hosts or can it be one of the hosts used for receiving the log-data? Regards, Jan Am Dienstag,

[graylog2] Re: A question about clustering

Yes you are correct in your assumption. Apologies for not clarifying. Thanks for all the info. I will take all of this into consideration. Thanks again. Jamie P. On Tuesday, June 28, 2016 at 1:56:30 PM UTC-4, Frederic Desjarlais wrote: > > > I'm assuming you're referring to Graylog Server

[graylog2] Re: A question about clustering

I'm assuming you're referring to Graylog Server "clustering" -- and not MongoDB or ElasticSearch. If "high availability" is important to you, then I'd suggest having at least 2 Graylog Server processes running across as many availability zones as possible (e.g. different racks in a data

[graylog2] A question about clustering

I have looked this group over and did some Google searches to no avail. My question is, at what point do you consider using a clustered setup vs. a single server instance? I know it's based off of how many servers and devices will be reporting to the server but I can't find any info that

Re: [graylog2] Dasboard time range problem

Hi Marcus, I was trying to reproduce the issue you are describing and I could, so I opened an issue for it: https://github.com/Graylog2/graylog2-server/issues/2428 Feel free to add any details you think are missing. Thank you! Edmundo > On 28 Jun 2016, at 17:04, Marcus Franke

Re: [graylog2] Dasboard time range problem

Marcus Franke schrieb am Di., 28. Juni 2016 um 16:28 Uhr: > Hi, > > sure, I guess thats the root_timezone setting from the server.conf and > thats Europe/Berlin, too > In the system -> overview its +0200 for my user, my browser and the > graylog server. > > If I switch

Re: [graylog2] Graylog 2.x with separate UI servers?

Hej Jan, On 28. Juni 2016 at 12:45:40, jan.lemmerm...@gmail.com (jan.lemmerm...@gmail.com) wrote: > Would I need to put all four graylog machines in one "Graylog Cluster"? Or > do I need to split the Collector-Hosts from the UI-Hosts but point > them to the same MongoDB and

Re: [graylog2] Future Elasticsearch Update

Hej Gabriele, On 28. Juni 2016 at 10:53:12, Gabriele Abbate (gabry.abbat...@gmail.com) wrote: > I heard that from version 5.0 all elk products will be aligned and released > together. > I'd like to know if graylog future update will be compatible with latest > elasticsearch versions. As

[graylog2] Re: Delete by Query (XDELETE) not works

The feature delete_by_query is deprecated, see: https://www.elastic.co/guide/en/elasticsearch/reference/1.6/docs-delete-by-query.html Deprecated in 1.5.3. "Delete by Query will be removed in 2.0: it is problematic since it silently forces a refresh which can quickly cause OutOfMemoryError

Re: [graylog2] Colors in Charts and Data Table

Hej Josh, On 28. Juni 2016 at 07:22:45, 'Joshua Humpich' via Graylog Users (graylog2@googlegroups.com) wrote: > is there a way to manipulate the colors of a pie charts or data table views? > At the moment my application log levels (info, debug, trace, error) got bad > colors for the chart. > The

[graylog2] Dasboard time range problem

Hi, Ive got a (little) dashboard problem, that drives me crazy. I want the histogram showing the message flow of a day. I do a general search for all messages of a certain day using the time picker from 2016-06-15 00:00:00 to 2016-06-16 00:00:00. My timezone is Europe/Berlin, so plus 2 hours

Re: [graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

Messages have to be deleted by hand, always look at the timestamp if there are some errors. Maybe they are outdated long ago. On 28 June 2016 at 14:38, John wrote: > Hi, > I fixed this issue by creating a new input with the same parameters and > only a different

Re: [graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

Hi, I fixed this issue by creating a new input with the same parameters and only a different listening port Now everything works well .And finally I deleted manually the 2 alerts "Uncommited messages " and "journal utilization too high..." because it seams that these error messages don't

[graylog2] Re: NXlog and Graylog Collector Sidecar on SUSE Linux Server

Jo, I faced the same on my SUSE. Try this: # installation nxlog mkdir -p /opt/nx-log cd /opt/nx-log wget -O nxlog-ce-2.9.1504-1_rhel6.x86_64.rpm https://nxlog.co/system/files/products/files/1/nxlog-ce-2.9.1504-1_rhel6.x86_64.rpm --no-check-certificate rpm -ihv --nodeps

[graylog2] Graylog 2.x with separate UI servers?

Hi, I'm currently setting up a Graylog environment which has 2x Graylog-Servers which will be used for receiving syslog data. (Lets call them the Collector-Hosts) The setup is completed by a 3-node Elasticsearch cluster and a 3-node MongoDB replica-set. I know that the graylog-web component

[graylog2] Future Elasticsearch Update

Hi, I heard that from version 5.0 all elk products will be aligned and released together. I'd like to know if graylog future update will be compatible with latest elasticsearch versions. Thank you Gabriele -- You received this message because you are subscribed to the Google Groups "Graylog