[graylog2] Re: upgrading graylog-server from 1.16 to 1.2rc4 totally broke all LDAP access

Hi Jason! Could you please turn the log level of org.graylog2.security.ldap.LdapConnector to TRACE? The easiest way to do so is via the System/Logging section in the API browser (port 12900 of your graylog server). That logs all kinds of details about the searches performed and the entities

Re: [graylog2] Re: LDAP authentication with Graylog 1.2 RC2

Kay, Yes I understood, Thanks for futur modifications Regards, Yves Louis 2015-09-09 11:14 GMT+02:00 Kay Roepke : > RC4 does not have that change because it was already being built when we > had this conversation. We'll probably update the RC with this change before > the final

Re: [graylog2] Re: upgrading graylog-server from 1.16 to 1.2rc4 totally broke all LDAP access

On 09/09/15 20:41, Kay Roepke wrote: > Could you please turn the log level > of org.graylog2.security.ldap.LdapConnector to TRACE? > The easiest way to do so is via the System/Logging section in the API > browser (port 12900 of your graylog server). > Err - humor me - this is all new to me. I

[graylog2] Re: Message order in output plugins

Hi! No, that is currently not possible. Because messages are being processed in parallel by multiple threads their order is not guaranteed at the moment. The collector currently does not track the line numbers of the file it reads, which could then be used to sort the messages again. We do have

[graylog2] Search within an extracted field help

Hi All I'd like to search within a field that has been extracted but I cant find the correct syntax to make it work. For example: I can drill down to this: "source:router AND user:test1 AND url:http\:\/\/www.voweletics.com\/api\/census\/RecordHit\?crumb=f4b06f2a67" But what I want to

[graylog2] Re: Search within an extracted field help

Hi, currently only a few message fields are being analyzed by default (source, message, and full_message) which enables wildcard searches (like *vowel*). If you want to analyze the url message field as well, you'll have to create a matching index template in Elasticsearch, see

Re: [graylog2] Re: upgrading graylog-server from 1.16 to 1.2rc4 totally broke all LDAP access

Not sure if this helps but... Search Base DN should be the OU parent where you want any valid users to be found for login OU=User Accounts,DC=ochsner,DC=org User Search Pattern should match the username users will input to login (&(objectClass=user)(sAMAccountName={0})) Group Search Base DN

[graylog2] Graylog extractors/ Grok patterns

Hi @all, im using graylog all in one docker. To ensure persistence i have mounted data and log folder at my host machine... after stop and restart docker the dashboards are still there (thats the good news) but my extractors and grok patterns are not more inside. My question is how to keep

[graylog2] Is there any possibilty to hide the alert marker in Search window?

I am at trying to implement a Graylog AlertCallback plugin for PRTG (Monitoringtool, like Nagios). The Plugin itself works fine, but to get data into the monitoring tool I need alerts. These alerts get triggered by a message count condition. These alerts are not urgent to Graylog users, so i

Re: [graylog2] Graylog Web Inteface Issue

Hi Anant, the build assumes it can execute git to determine the current commit. Your machine doesn’t have the command in the path, so you have two options: 1) install git and add it to the PATH 2) temporarily replace the command execution in the build file. For option 2 check the

Re: [graylog2] Re: upgrading graylog-server from 1.16 to 1.2rc4 totally broke all LDAP access

What Drew said, but starting with RC.4 the Group Object Class is Group Search Filter and needs to be a valid filter: (objectClass=group) in the standard case. On Wednesday, 9 September 2015 16:41:17 UTC+2, Drew Miranda wrote: > > Not sure if this helps but... > > Search Base DN should be the

[graylog2] Re: Search within an extracted field help

I saw a similar thread earlier and checked the links. I did some digging around on my server and in your documentation but really didn't see where that stuff gets configured. Should I refer to the elasticsearch docs more or are there graylog docs that are available for this customization? I

[graylog2] Graylog Web Inteface Issue

Hi, I am trying to compile graylog2-web-interface-1.1.6 on windows 7 using java 8 and tysafe activator 1.3.5. After Typesafe is done with compilation when I hit "Run" from the menu Tyasafe gives the following. Setting up Play fork run ... (use Ctrl+D to cancel) Multiple resolvers having

Re: [graylog2] Re: upgrading graylog-server from 1.16 to 1.2rc4 totally broke all LDAP access

On 10/09/15 00:29, Kay Roepke wrote: > Would you be willing to give a snapshot build a try once I have it up? Sure thing - I'm still only got a single host test box - so it's no big thing if it breaks ;-) > > Not really, the interesting ones come from LdapConnector. OK, well here's what the