Hi,
I've been trying to set up a graylog2 server with clients sending in windows
logs via GELF tcp, the issue I'm hitting is that the input on the server
seems to be processing messages, see screenshot below where it says 1
minute average rate: 9/msgs But when I click on show received messages
After further investigation I think this was due to elasticsearch and
graylog being overloaded. I have increased their heap sizes accordingly and
will see how the system performs.
Ariel
On Wednesday, July 6, 2016 at 12:21:11 PM UTC-5, Ariel Godinez wrote:
>
> Hello,
>
> I've been using graylog
Jochen,
Thank you, again, for all the help looking into this problem for me.
Here is the output of the head -n1 command:
==> /etc/graylog/graylog-ssl/CERT.pem <==
-BEGIN CERTIFICATE-
==> /etc/graylog/graylog-ssl/KEY.pem <==
-BEGIN ENCRYPTED PRIVATE KEY-
I looked over the
Hi,
I am using graylog 1.3.3 with ES 1.7.5, from yesterday we are seeing the
process buffer filled up on the master node and the outgoing process is
slower than normal, I have tried restarting GL and ES but that did not fix the
issue, below are the log warn and errors we see that repeats
Hi there!
Is anyone aware of any Graylog training courses in Germany?
I've done a bit of searching, but the offerings do not seem to be
overwhelming.
Ideally, I'd be looking for a course on administration of Graylog,
obviously including Elasticsearch and MongoDB, as well as sizing and HA
After going through some further testing I've filed this
at https://github.com/Graylog2/collector-sidecar/issues/37 - it looks to be
an issue with NXlog CE handling the input and output modules as GUIDs.
On Thursday, 7 July 2016 17:11:41 UTC+1, Kev Johnson wrote:
>
> Firstly: I love the idea of
Hi Keamas,
please refer to
https://www.elastic.co/guide/en/elasticsearch/reference/2.3/setup-configuration.html
and https://www.elastic.co/guide/en/elasticsearch/guide/2.x/heap-sizing.html
for information about sizing Elasticsearch and changing its memory
configuration.
Elasticsearch
I have a similar problem on my Graylog2 configuration. I have a cluster
with two nodes. The problem is with my slave node, where we capture NetFlow
data from our routers. The incoming messages are about 30 - 50 per second.
I have allowed up to 4g of heap memory for the graylog-server. With a
Hey, here are the details of the system:
I installed the dpkg files like in here on the Ubuntu 16.04 LTS
http://docs.graylog.org/en/2.0/pages/installation/os/ubuntu.html
Everything is running on one single VM Graylog and Elasticsearch.
VMware
1 Virtual Socket
2 Cores
Memory: 8GB RAM
HDD 800
Hey, here are the details of the system:
I installed the dpkg files like in here on the Ubuntu 16.04 LTS
http://docs.graylog.org/en/2.0/pages/installation/os/ubuntu.html
VMware
1 Virtual Socket
2 Cores
Memory: 8GB RAM
HDD 800 GB
root@ATLOG001:/home/ladmin# uname -a
Linux ATLOG001
Hi Jason,
It's hard to tell what is wrong from here, since we can't exactly see what your
messages look like. Could you share a couple of messages with us?
Please be aware that at the moment, the "regex" function needs to match the
whole string:
Wireshark on the test server shows no packets being sent other than the
TCP12900 poll too, so we can be reasonably happy that there's nothing on
the network eating them.
Config file has updated based on the snippet that I've added, but it's
almost as if the nxlog process is running without a
Hi Keamas,
aggregating or summing up different fields is currently not possible with
Graylog.
Cheers,
Jochen
On Thursday, 7 July 2016 16:00:21 UTC+2, Keamas M wrote:
>
> Hey,
> if I have multiple logs like this:
>
>
Hi Dave,
the quotes around the password shouldn't be necessary (and are, in fact,
wrong). Could you please share the error message you've got when omitting
these quotes?
Please also post the output of the following command (it doesn't contain
any sensitive information, just the header of the
Hi Keamas,
which version of Graylog are you using? What are the hardware specs of the
machine(s) you're running Graylog and Elasticsearch on?
What kind of inputs are you talking about?
For Elasticsearch, 1 GB of heap memory is quite little and you should give
it more memory (depending on how
Thank you Florent B. My issue was solved by "Manually cycle deflector" too.
On Thursday, 12 June 2014 at 14:55:52 UTC+7, Florent B wrote:
>
> Hi
>
> Ok I solved it doing a "Manually cycle deflector" ;-)
>
> Thank you.
>
> On 06/11/2014 07:14 PM, Kay Röpke
Ok - so I've built a clean Windows Server 2012 R2, disabled the firewall
and run through the same process with the same result - the only traffic
back to the Graylog server is the tcp 12900 poll from the collector - I've
tried logging out/in and rebooting the server which all *should* generate
Hi Paul,
we're targeting August 2016 for releasing Graylog 2.1.0.
You can help by testing the alpha and beta versions until then.
Cheers,
Jochen
On Friday, 8 July 2016 03:07:53 UTC+2, Paul Mendoza wrote:
>
> When will I be able to use Graylog 2.1?
>
> I'm waiting for the TCP TLS Graylog
Hey, my Graylog just stopped processing messages from one input. But the
other input is still working.
Everything looks fine for me:
I rebooted the Linux machine, Start Stop of the Input and so on. But
without success.
root@ATLOG001:/var/log/graylog-server# top
top - 08:14:49 up 16 min, 1
Thanks Marius - I'll give that a go today. Thanks for sense checking my
config and confirming I've not done anything silly!
On Thursday, 7 July 2016 22:30:29 UTC+1, Marius Sturm wrote:
>
> Yeah, sounds possible to me. All configurations look correct. So some
> Windows firewall might be the root