Id really like to use some of the other beats with graylog, is this a
supported function and are there any guides out there you have run across
to get them setup?
Thanks
Mike
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe
I see now,
>
>
I downloaded the tarball for the config file and its comments. Is there a
reason we are tagging the node id into this name?
Looks like overriding that with the elasticsearch_config_file = /blah/ will
be the way to go for me.
Im interested in discussing why this is. It makes
Were moving the 2x graylog/ES and during my tests, using the latest graylog
cookbook in the chef supermarket the ES client installed with graylog
server is getting named and I cannot figure out where this is coming from.
I am able to override the name using the
Does Graylog have a recommended way of handling clusters with multiple
graylog-server nodes and master elections?
I lost a pretty large chunk of data yesterday due to multiple masters
creating multiple indexes per day and causing indexes to roll off. Luckily
this was not customer data so other
as of now Im thinking it was due to multiple graylog-server masters in the
cluster. I ran a config update with chef and all 3 graylog nodes ended up
as masters.
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group
Im at a loss here,
My index rotation is set to time, 1d and max of 90 indices currently.
Im getting multiple indexes per day of varying size and document counts.
Has anyone else ever run into this? I could use some pointers on what Im
looking for as the cause.
Thanks
--
You received this
I dont know for sure if this will help, but what I would look at is that
all 3 nodes server.conf have the same hashed password as the web.conf
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving
Im duplicating In production now, once its running there Ill respond with
how I accomplished everything.
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
>
> So We got this figured out or at least got it working.
>
The group mapping (optional) section in the LDAP settings area is not
optional for an AD setup at least
Previous versions of graylog required you to be specific in your search
base for what users you wanted to be able to log in.
Ive got this all figured out. Is anyone interested in how to make a
configuration like this work? Im a windows guy so I scripted out the
moving indexes portion using powershell however someone who can parse json
in bash could replicate the same things fairly easy.
Anyways Im happy to help
section pass.
On Saturday, March 5, 2016 at 9:31:51 AM UTC-6, Mike Daoust wrote:
>
> I tried to configure LDAP in the LDAP section if graylogs web interface.
> After inputting my settings, both tests in the setting section pass. When
> I hit save settings the interface says settings
ages did you encounter while doing
that?
>
> Cheers,
> Jochen
>
>
> On Saturday, 5 March 2016 07:17:20 UTC+1, Mike Daoust wrote:
>>
>>
graylog-web/application.2016-03-04.log:org.graylog2.restclient.lib.APIException:
API call failed GET
http://@loggingglsrv02.apps.appriver.cor
;}
On Friday, March 4, 2016 at 11:58:02 PM UTC-6, Mike Daoust wrote:
>
> where do the ldap settings get saved?
>
> On Friday, March 4, 2016 at 6:02:05 PM UTC-6, Mike Daoust wrote:
>>
>> graylog 1.2.2 ldap not saving settings, any ideas?
>>
>
--
You received thi
where do the ldap settings get saved?
On Friday, March 4, 2016 at 6:02:05 PM UTC-6, Mike Daoust wrote:
>
> graylog 1.2.2 ldap not saving settings, any ideas?
>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscr
graylog 1.2.2 ldap not saving settings, any ideas?
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this
which of the multiple time/date stamps does curator use when determining
how old an index is? Doesnt seems to be documented in an easy to find
place.
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop
not having any luck so far getting this to work
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this discussion
prepend was the wrong word, sorry. I think what I meant is clear though.
graylog2_date/time
On Monday, February 22, 2016 at 4:03:51 PM UTC-6, Mike Daoust wrote:
>
> Is there a way to have the graylog index prepend the date/time instead of
> just iterating over numbers?
>
--
Is there a way to have the graylog index prepend the date/time instead of
just iterating over numbers?
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
e this using a Hot/Warm architecture in
> Elasticsearch, see https://www.elastic.co/blog/hot-warm-architecture for
> an example.
>
> We might also add this directly into Graylog in a future release.
>
>
> Cheers,
> Jochen
>
> On Thursday, 18 February 2016 21:31:31
I wondered if anyone is moving data over X days old to slower nodes in
order to keep the most recent data performing as fast as possible. Do you
have any advice or articles I could reference?
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
I wondered if there is more information about this now that 2.0 is out? Is
there a timeline when we can expect graylog to use elasticsearch 2.0?
On Wednesday, October 14, 2015 at 1:47:55 PM UTC-5, David Dunstan wrote:
>
>
> Hi folks, Is there any update the Graylog maintainers might be able to
>
> hah nice. That was the key.
>
Thank you
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this discussion
How many of you are using chef to deploy?
Has anyone found other solutions for being able to quickly deploy graylog?
Im having trouble with the available chef recipe, I started writing my own
and am having some success however I dont want to spend a large amount of
time reinventing the wheel if
Is it documented anywhere which versions of elasticsearch are suggested for
graylog?
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
Has anyone run across this. 2 of my servers graylog-web service stopped
generating error logs at the end of last month and seemed to stop being
accessible at the same time though the service says its started and running.
--
You received this message because you are subscribed to the Google
Im completely drawing a blank here.
Have a 3 GL server nodes. Only 2 of them are taking messages. The node
not getting any messages is starting just fine and is listed in the
web.conf of all web nodes. Any suggestions?
2015-07-27T13:14:14.160-05:00 INFO [node] [Internal-Logging03-GL]
Cool,
Ill setup a test and report back what I find.
Thanks
On Monday, April 20, 2015 at 2:03:36 PM UTC-5, Mike Daoust wrote:
Is it possible to have 2 or more completely separate graylog servers
logging to their own respective index and not be able to see each others
indexes when doing
Is it possible to have 2 or more completely separate graylog servers
logging to their own respective index and not be able to see each others
indexes when doing searches?
--
You received this message because you are subscribed to the Google Groups
graylog2 group.
To unsubscribe from this
Is it possible to have 2 or more completely separate graylog servers
logging to their own respective index and not be able to see each others
indexes when doing searches?
--
You received this message because you are subscribed to the Google Groups
graylog2 group.
To unsubscribe from this
Thank you, That is very useful information to have.
On Tuesday, April 14, 2015 at 4:26:23 PM UTC-5, Mike Daoust wrote:
Hey folks
I have a new project that Im looking for some insight on.
we are testing out logging some high volume data that is between 65 and
100k per second.
What would
Hey folks
I have a new project that Im looking for some insight on.
we are testing out logging some high volume data that is between 65 and
100k per second.
What would you all think would be an optimal config? With higher loads do
you find that having everything separate vs full stack offers
Using graylog 1.0.1, systems been running fine since the update from .9x a
few weeks ago. The web interface stopped responding today. The service
wont start and nothing is being logged to
/var/log/graylog-web/application.log
sys log is full of terminated with status 255
Any thoughts?
--
After upgrading my graylog cluster from .92 to 1.0.0 clustered setup the
system tab is no longer accessible.
The test upgrade I did went flawlessly so not sure what the deal is.
*You caused a org.graylog2.restclient.lib.APIException. API call failed
GET **Reason:* Could not fetch system
I know this is an old post but I am interested in this behavior as well.
Its problematic to explain that your HA cluster is mostly still working.
On Wednesday, June 18, 2014 at 7:22:55 AM UTC-5, corneli...@gmail.com wrote:
Hello,
I thought, I could setup an HA-Graylog2-Cluster. But there
they are not visible.
On Thursday, December 18, 2014 4:45:13 PM UTC-6, Mike Daoust wrote:
I am having issues getting ldap to work
I did a tcpdump on ldap traffic, I can see the connection working but no
user ever gets added.
Im filtering the pcap for our DC responses by ip source and ldap
Looks like the users previously were being added as
u...@domain.com@localhost.com. I deleted those accounts manually in the
mongodb and updated the Search base to
((objectClass=user)(sAMAccountName={0})) and it seems to be adding the
users correctly however the ldap synced users cannot log
37 matches
Mail list logo