As well some additional logs from the nodes are
[NodePingThread] Did not find meta info of this node. Re-registering. I
have changed all IPs appropriately in the configuration of the 3rd node.
On Wednesday, August 24, 2016 at 4:15:02 PM UTC-4, Steve Kuntz wrote:
>
> I have 2 nodes running in a
I have 2 nodes running in a cluster, one master and one slave. When I look
at the nodes collection in Mongo I see the 2 nodes.
I have added a 3rd node as a slave and when this node is running I end up
with an issue where the cluster is complaining that there isn't a master
node. When I look at
Hi,
I've been unable to find any documentation around this. How do I completely
remove a graylog node from the cluster?
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
Hey Jochen,
tried with Xmx=30Gb
changed the GC algo and I still have big pauses...
2016-08-24T17:06:30.042Z WARN [GarbageCollectionWarningThread] Last GC run
with G1 Young Generation took longer than 1 second (last duration=10443
milliseconds)
2016-08-24T17:06:30.042Z WARN [jvm]
Thank you!
On Wednesday, August 24, 2016 at 6:21:19 PM UTC+3, Jochen Schalanda wrote:
>
> Hi Aleksey,
>
> while we recommend using the latest stable version of MongoDB for Graylog
> 2.x, MongoDB 2.6.x from EPEL should also work fine.
>
>
> Cheers,
> Jochen
>
> On Wednesday, 24 August 2016
Hi,
looking at the bash snippet you've posted, it should be fairly easy to
iterate over the scanned/infected files and create a separate GELF message
for each.
If you need to know, which infected files were found by the same scan, you
can simply add a unique identifier to the GELF messages
Hi Aleksey,
while we recommend using the latest stable version of MongoDB for Graylog
2.x, MongoDB 2.6.x from EPEL should also work fine.
Cheers,
Jochen
On Wednesday, 24 August 2016 16:00:33 UTC+2, Aleksey Chudov wrote:
>
> Hi,
>
> In accordance with current documentation
>
Great, I thought that was the case but wasn't sure if there was more to
Sidecar or not.
Thanks!
Nathan
On Wednesday, August 24, 2016 at 10:31:08 AM UTC-4, Marius Sturm wrote:
>
> Hi Nathan,
> it's basically a configuration layer. With Sidecar in between you can
> control nxlog from within the
Hi Nathan,
it's basically a configuration layer. With Sidecar in between you can
control nxlog from within the Graylog web ui.
Cheers,
Marius
On 24 August 2016 at 16:07, Nathan Mace wrote:
> I'm starting to roll out nxlog / Sidecar to replace our Splunk install.
>
I'm starting to roll out nxlog / Sidecar to replace our Splunk install.
However the Windows Event Logs seem to make it into Graylog just fine
without Sidecar being installed. What does installing Sidecar add to the
mix?
Nathan
Hi,
In accordance with current documentation
http://docs.graylog.org/en/2.0/pages/installation/operating_system_packages.html#prerequisites
Graylog requires MongoDB (>= 2.4) and CentOS installation instruction
http://docs.graylog.org/en/2.0/pages/installation/os/centos.html describes
Hi Anant,
maybe Midori is using another certificate store than the other web browsers
you've mentioned.
In any case, if you're using a self-signed certificate, you need to add
this certificate to the list of trusted certificates in your web browser or
system trust store.
On an additional
Hi Dennis,
I am looking for other details that I might have missed but there is this
strange thing happening, I tried to run Graylog on "Midori" without any
changes in the configuration and it's running just fine, but it's not on
Mozilla, IE or Chrome. I am attaching the screenshot. Please
Hi Ricardo,
try configuring *less* heap memory for your JVM, ideally less than 32G.
See
https://blog.codecentric.de/en/2014/02/35gb-heap-less-32gb-java-jvm-memory-oddities/
for details.
Cheers,
Jochen
On Wednesday, 24 August 2016 15:02:10 UTC+2, Ricardo Ferreira wrote:
>
> So, we have a 2
Hey Anant,
it looks like https://172.16.0.78:12900/ is not reachable from your browser.
Please make sure that your browser can connect to the REST API. For further
information, please have a look at
http://docs.graylog.org/en/2.0/pages/configuration/web_interface.html.
Kind regards,
Hi Jochen,
First of all, thanks again for taking your time. It's very highly
appreciated :)
Ok sure, from a bash script, the GELF is generated like this:
FILES=$(/bin/cat /var/log/avscanoutputfile | /bin/grep ^/)
echo -e '{
"version": "1.1",
Thank you Marius!
Confirming that I didn't even consider that... I've just updated my copy of
sidecar and it now functions correctly.
Cheers,
Michael
On Wednesday, 24 August 2016 18:38:31 UTC+10, Marius Sturm wrote:
>
> Hi Michael,
> usually the issue is a better place to ask related
Oh I agree and have switched to Grok since I posted the original message.
Yes those are IIS :)
However, Grok patterns take much more time to configure where CSV
literally takes 20 sec to setup. I'm just getting lazy I suppose haha
Anyhow, CSV seems problematic for certain delimiters and
Hi,
splitting a message into multiple messages according to the pattern you've
mentioned is kind of hard.
I would (still) recommend changing the generation of the GELF messages at
the source and send one GELF message for each infected/found file. If you
tell us, how you generate the GELF
Hi Michael,
usually the issue is a better place to ask related questions. In your case
I guess you updated the collector server plugin but didn't do the same for
the sidecar itself. After installing the latest sidecar version the fields
should be gone and the config should be valid again.
Cheers,