Hi,
I have created dashboard with pi-chart, count and statistics. My question
is if i click on a bar in histogram, will that show me there in some pop-up
or any other way what are the logging messages associated with that bar?
Please help me.
Thanks,
Sridhar
--
You received this message
Hi Steve,
I changed the field name to something else (rcode). I am shipping my logs
via GELF from a logstash processing instance so I edited my logstash config
file to parse it as a different field name.
-Bill
On Friday, February 3, 2017 at 10:28:08 AM UTC-10, Steve Kuntz wrote:
>
> What did
Okay, in order:
1. I'm using the OVA VM image from Graylog, so most of the configuration is
already done. All I did was add a Connector with one nxlog input and one
nxlog output, and then the GELF UDP input that the WinDHCP json created.
The WinDHCP input is configured like this:
What did you change in the name to make it work?
On Friday, February 3, 2017 at 12:39:56 PM UTC-5, Bill Murrin wrote:
>
> I also starting receiving errors for a Quick values on a field named
> "status_code"; I only noticed it after the upgrade to 2.1.3. I changed the
> name to something else
I tired to create rpm with > mvn rpm:rpm -X build it failed with below error
I am not seeing any spec file also no instruction to create RPM in main
POM.xml, someone please help to understand how the RPM works here
[INFO] Reactor Summary:
[INFO]
[INFO] Graylog Parent POM
Hummm,
Maybe, that's the problem!
Thank you Jochen.
On Friday, February 3, 2017 at 4:18:55 PM UTC-2, Jochen Schalanda wrote:
>
> Hi César,
>
> make sure to use only plugins in a compatible version.
>
> For example the Threat Intelligence Plugin for Graylog is currently not
> compatible
Unfortunately not, it's the only log message that shows when trying to do a
quick value on the field.
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Hi César,
make sure to use only plugins in a compatible version.
For example the Threat Intelligence Plugin for Graylog is currently not
compatible with Graylog 2.1.3.
Cheers,
Jochen
On Friday, 3 February 2017 18:08:43 UTC+1, CESAR Fabre wrote:
>
> Hi,
>
> I'm trying the upgrade from 2.1.2 to
Hi Steve,
On Friday, 3 February 2017 18:05:26 UTC+1, Steve Kuntz wrote:
>
> There is an error in the graylog.log
>
> WARN [SearchResource] Unable to execute search: [reduce]
>
Is there more context around that warning message?
Cheers,
Jochen
--
You received this message because you are
Same here but I wasn't sure it was related to the update.
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this
I also starting receiving errors for a Quick values on a field named
"status_code"; I only noticed it after the upgrade to 2.1.3. I changed the
name to something else and everything starting working again. I am
converting this field to an integer and was doing a search on if the field
value
Hi,
I'm trying the upgrade from 2.1.2 to 2.1.3 on CentOS 7 but I had some
problems. Follows the popup that appears frequently after upgrade.
Server currently unavailable
We are experiencing problems connecting to the Graylog server running on
http://192.168.10.5:9000/api. Please verify that
There is an error in the graylog.log
WARN [SearchResource] Unable to execute search: [reduce]
Any and All help is appreciated.
On Friday, February 3, 2017 at 11:59:34 AM UTC-5, Steve Kuntz wrote:
>
> Also Field Statistics and Generate Chart work on this same data set as
> well and I think
As a test my search is
_exists_:http_response_code AND http_response_code:[200 TO 503]
And I"m still getting the same error.
On Friday, February 3, 2017 at 10:53:04 AM UTC-5, Jochen Schalanda wrote:
>
> Hi Steve,
>
> the "quick values" functionality only works if the field is numeric in all
>
Hi Steve,
the "quick values" functionality only works if the field is numeric in all
messages of the queried time range. If there are some non-numeric values
for that message field within the queried time range, you'll receive the
error message you've already mentioned.
Cheers,
Jochen
On
Currently each index is ~10-15G and spans ~10-15 minutes doing this would
make my indices huge and I'm guessing slower to search.
On Fri, Feb 3, 2017 at 10:51 AM, Jochen Schalanda
wrote:
> Hi Steve,
>
> On Friday, 3 February 2017 16:03:04 UTC+1, Steve Kuntz wrote:
>>
>>
Currently each index is ~10-15G and spans ~10-15 minutes doing this would
make my indices huge and I'm guessing slower to search.
On Friday, February 3, 2017 at 10:51:25 AM UTC-5, Jochen Schalanda wrote:
>
> Hi Steve,
>
> On Friday, 3 February 2017 16:03:04 UTC+1, Steve Kuntz wrote:
>>
>>
Hi Steve,
On Friday, 3 February 2017 16:03:04 UTC+1, Steve Kuntz wrote:
>
> Thanks, I guess I'll wait until 2.2. I need 2 weeks of archive and my
> settings are keeping about 2100 indices @20,000,000 messages per index,
> which is about 2 weeks for me.
>
Have you thought about using a
I'm having a new issue getting quick values since I modified some fields.
This is just to get the HTTP status codes but there is some issue. All
values are being converted to numeric but I'm getting an error. I've
attached the error and the stats to show what the data is.
--
You received this
Thanks, I guess I'll wait until 2.2. I need 2 weeks of archive and my
settings are keeping about 2100 indices @20,000,000 messages per index,
which is about 2 weeks for me.
On Friday, February 3, 2017 at 4:14:11 AM UTC-5, Jochen Schalanda wrote:
>
> Hi Steve,
>
> the issue with the extractor
Hi Bill,
On Friday, 3 February 2017 13:00:19 UTC+1, Bill Murrin wrote:
>
> Any assistance you can provide would be appreciated. Here is a link to the
> plugin to see if you guys might be able to help me figure out what is
> causing it. Once we figure this out, I plan on sharing the plugin on
I managed to get all of the features working for QuickValuesPlus plugin and
it works perfectly in the web-dev environment using GrayLog 2.1.3.
However, when I build the JAR for the plugin (mvn package) using 2.1.3 it
BUILDS successfully, but after I add the plugin to Graylog and restart it,
I
Hi Jochen,
Always both ElasticSearch nodes are using 900 MB of 2GB RAM... but I will
try it with 4GB if it is necessary.
Thanks ;)
El viernes, 3 de febrero de 2017, 10:07:57 (UTC+1), Jochen Schalanda
escribió:
>
> Hi Aitor,
>
> as I already mentioned, your ES cluster doesn't have enough
Hi
Thank you very much it is good rest_transport_uri which(who) was badly
configured =)
I already have try to configure him(it) but in vain
Meric very once again
In the next one
Jochen
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To
Hi Rob,
How did you configure Graylog? Which inputs did you create and how did you
configure them?
How did you configure the Graylog Collector Sidecar and what's the
generated nxlog configuration?
Cheers,
Jochen
On Thursday, 2 February 2017 23:30:20 UTC+1, Rob Repp wrote:
>
> I set up a
Hi Steve,
the issue with the extractor page might have been fixed in Graylog 2.2.0,
see https://github.com/Graylog2/graylog2-server/issues/3366 for the related
GitHub issue.
Cheers,
Jochen
On Thursday, 2 February 2017 21:56:32 UTC+1, Steve Kuntz wrote:
>
> Hi
>
> This is still a big issue for
Hi Steve,
I haven't seen that behavior personally, but I wouldn't rule out that it
can happen with a large number of indices.
Please think about reducing the number of open indices in your system,
either by closing them (System / Indices page) or by archiving them, for
example with the
Hi Giwenn,
On Friday, 3 February 2017 10:04:51 UTC+1, Giwenn Launay wrote:
>
> It's good?
>
As long as you're using serv-XXX-log-2.XXX.XXX.com in your
rest_transport_uri setting, it should be fine.
Cheers,
Jochen
--
You received this message because you are subscribed to the Google Groups
Hi Aitor,
as I already mentioned, your ES cluster doesn't have enough hardware
resources to keep up with the data ingestion from Graylog. Assign at least
4 GiB of memory for each Elasticsearch node.
Cheers,
Jochen
On Friday, 3 February 2017 08:05:27 UTC+1, Aitor Mendoza wrote:
>
> Hello
And this is what I puts when I to create my certificate:
Country Name (2 letter code) [XX]:FR
State or Province Name (full name) []:France
Locality Name (eg, city) [Default City]:XXX
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:Info
Common
Hi Sridhar,
127.0.0.1 is the loopback address, which means that it's only accessible
from the very same machine.
If you're trying to create an Elasticsearch cluster, you have to use a
public IP address of all affected nodes.
See
Hi,
I have already tried with a different common name ex: serv-XX-log-2.
XXX.XXX.com but always the same error.
On the other hand when I created my certificate, he does not ask me to
inform the field AltSubjName, it is normal?
Cheers,
Giwenn
--
You received this message because you are
32 matches
Mail list logo