Hello Guys,
Is it possible to replace the timestamp? Graylog creates a timestamp when
the logs are sent to Graylog, but I need to replace the timestamp with the date
inside the logs.
I'm using Nxlog and here is my input:
Module im_file
File 'E:\\Hadoop\\ParsedLogs\\*.*'
Hello Guys,
I tried to migrate my indexes from elasticsearch 1.7 to 2.0, but I
have a lot of problems with the _timestamp field, and I can't migrate the indexes
because I have this error:
"error" : {
"root_cause" : [ {
"type" : "snapshot_restore_exception",
"reason" :
Hello,
I'm opening this old thread because I have the same problem.
I used the same command to delete every message with source as target.
For example:
curl -XGET 'http://10.101.81.199:9200/graylog2_20/message/_search?pretty'
My output is :
{
"_index" : "graylog2_20",
Hello,
I downloaded the Puppet extractor from the Marketplace, but it isn't
working with the free version of Puppet (Puppet labs). I modified this extractor
and now it is working well.
Copy/paste of my edited extractor for Puppet:
"extractor_type": "regex",
"order": 0,
"cursor_strategy": "copy",
"extractor_config": {
"index": 3,
"split_by": "/"
},
"extractor_type": "split_and_index",
"order": 0,
"source_field": "full_message",
the existing ones of the user, otherwise it
will not work.
In 1.2 you will be able to create a role with these permissions (via the
API) and then assign them to users.
Best,
Kay
On 25 Aug 2015, at 16:42, Juan Andres Ramirez jandr...@gmail.com wrote:
Hello Guys
Hello Guys,
Read's users can't access the global search. This is a problem,
because if you have a dashboard with a chart about any process, sometimes
you need to see more details about this search.
Does anyone know if in the next versions the global search will be
available for read's
# index.number_of_replicas: 0
Arie.
On Wednesday, 22 July 2015 15:03:45 UTC+2, Juan Andres Ramirez wrote:
Hello Arie,
In my graylog conf I have this:
elasticsearch_shards = 1
elasticsearch_replicas = 0
And in elasticsearch conf I have this:
index.number_of_shards: 1
recommend doing this, though.
Cheers,
Jochen
On Wednesday, 22 July 2015 16:59:31 UTC+2, Juan Andres Ramirez wrote:
Hi Jochen,
Here the output:
index shard prirep state docs store ipnode
graylog2_14 0 p STARTED 78979192 40.5gb 127.0.0.1
Juan,
please post the output of the following command (replace 127.0.0.1 with
the IP address or hostname of one of your Elasticsearch nodes):
curl 'http://127.0.0.1:9200/_cat/shards?v'
Cheers,
Jochen
On Wednesday, 22 July 2015 15:03:45 UTC+2, Juan Andres Ramirez wrote:
Hello Arie
Hello guys,
I was searching for the answer in this group and on the web, but I
can't find the answer.
1- Does Graylog create 1 shard per index? At this moment I have 17 shards
and in my config I have:
elasticsearch_shards = 1
elasticsearch_replicas = 0
So I'm in development phase, I
,
delayed_unassigned_shards : 0,
number_of_pending_tasks : 0,
number_of_in_flight_fetch : 0
}
On Tuesday, July 21, 2015 at 9:54:23 AM UTC-3, Juan Andres Ramirez wrote:
Hello guys,
I was searching for the answer in this group and on the web, but I
can't find the answer.
1- Graylog create 1 shard per
is triggered when the field source has a lower sum than 1 in the last
2 minutes. Grace period: 0 minutes. Including last message in alert
notification
Any other idea?
Thank you.
On Wednesday, July 15, 2015 at 10:39:49 AM UTC-3, Juan Andres Ramirez wrote:
Hello guys,
It is possible by any
FYI
I fixed my problem by changing the input mode, so I replaced om_tcp
with om_udp.
Thank you.
On Friday, July 10, 2015 at 5:46:39 AM UTC-3, Juan Andres Ramirez wrote:
Hello guys,
I was searching for the solution to my problem but I can't find the
answer.
I have a server
Hello guys,
I was searching for the solution to my problem but I can't find the
answer.
I have a server with graylog version: 1.1.3, connected to another
server with Elasticsearch. I created an input of type Raw/Plaintext TCP to get
RabbitMQ logs from a Windows server 2008. The agent