Hi Jonatan,
are you stuck with creating the rules for the streams themselves (e. g.
finding the correct regular expressions) or with the mechanics of creating
streams and stream rules in Graylog?
Cheers,
Jochen
On Wednesday, 18 March 2015 23:17:56 UTC+1, jonatan nilsson wrote:
Hello. I
Hi Joanes,
On Monday, 9 March 2015 16:47:22 UTC+1, Joanes Errea wrote:
Is it possible to POST a log message into graylog via the REST API?
No, that's not possible. You have to spawn a GELF HTTP input in Graylog
(see http://docs.graylog.org/en/1.0/pages/sending_data.html#gelf-via-http)
to be
Hello Lily,
Graylog currently supports structured syslog messages according to RFC 5424
https://tools.ietf.org/html/rfc5424#section-6.3. As far as I can see
there are several things missing or not according to the spec in the syslog
message format you're using.
Please try using the syslog
Hi Peter,
I haven't done this myself, but from what I know it should be as easy as
dropping one of the log4j GELF appenders (https://github.com/pstehlik/gelf4j
or https://github.com/t0xa/gelfj) into the class path (maybe you have to
adjust the class path settings in the JAVA_OPTS environment
Hi Mikhail,
currently Graylog exclusively supports MongoDB for storing configuration
data. Log messages are indexed into Elasticsearch.
Cheers,
Jochen
On Saturday, 7 March 2015 15:28:53 UTC+1, Mikhail Rezin wrote:
Is it possible to configure graylog to use Oracle's schema? What am I
Hi Kevin,
currently there are no official packages for CentOS 7 but you can use the
CentOS 6 packages on CentOS 7
https://github.com/Graylog2/fpm-recipes/issues/2#issuecomment-75162154.
There's also an open feature request about supporting RHEL7/CentOS 7 at
Hi,
since you've disabled Zen Discovery
http://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery-zen.html
in Elasticsearch, you also have to use unicast discovery in Graylog, see
http://docs.graylog.org/en/1.0/pages/configuring_es.html#discovery-mode for
details.
Hi Evan,
currently there's no publicly available SNMP plugin for Graylog that I'm
aware of. This being said, it should be possible to write an SNMP input for
Graylog with rather little effort.
Cheers,
Jochen
On Thursday, 12 March 2015 23:35:12 UTC+1, Evan Fareed wrote:
I'm looking for a
Hi,
you can either create snapshots of the Elasticsearch indices directly (see
http://www.elastic.co/guide/en/elasticsearch/guide/current/backing-up-your-cluster.html)
or create a stream matching all messages and connect an output to that
stream to send messages to another system in a
, 2015 at 2:37 AM, Jochen Schalanda joc...@torch.sh
wrote:
Hi,
you can either create snapshots of the Elasticsearch indices directly
(see
http://www.elastic.co/guide/en/elasticsearch/guide/current/backing-up-your-cluster.html)
or create a stream matching all messages and connect
Hello Rahman,
I've created an issue on GitHub for this at
https://github.com/Graylog2/graylog2-server/issues/1047.
Cheers,
Jochen
On Friday, 6 March 2015 13:30:01 UTC+1, Rahman Duran wrote:
Hi,
When I use yesterday keyword graylog resolves it to From 2015-03-05
14:23:31 to 2015-03-06
Hi Mark,
the Elasticsearch node used internally by Graylog is just a client node by
default, which means that it doesn't store any data at all.
The message regarding -XX:PermSize and -XX:MaxPermSize=256m is probably
caused by the switch from Java 7 to Java 8. With Java 8 the JVM doesn't
have
Hi,
I guess the problem is that the number of non-indexed messages that were
moved into the index_failures collection in MongoDB, is just too large to
be fetched in a single request (what Graylog is doing internally). You can
still take a look at those messages using another MongoDB client at
Hi Tim,
you should have received an answer by now. If that's not the case, please
write a short email to he...@graylog.com. Thanks!
Best regards,
Jochen
On Monday, 23 March 2015 19:13:06 UTC+1, tslo...@outlook.com wrote:
Our company is trialing Graylog now and we had some questions around
Hi Florent,
700k open files sounds plain wrong and like a file descriptor leak. Could
you please create a bug report for this at
https://github.com/Graylog2/graylog2-server/issues/new and include the list
of open files of the Java process running Graylog on one of those servers?
Please also
Hello Sai,
1) Graylog doesn't work as a circular buffer but you can configure the
retention and rotation strategies for the Elasticsearch indices to come
close to that (see
https://github.com/Graylog2/graylog2-server/blob/1.0.1/misc/graylog2.conf#L88-126
for details).
2) Additionally to
:
Hello,
Github issue created (
https://github.com/Graylog2/graylog2-server/issues/1073), I have a
MongoDB dump but I don't know how to insert it into a github issue.
Regards.
2015-03-23 12:37 GMT+01:00 Jochen Schalanda joc...@torch.sh
:
Hi Jean-Luc,
the error message
:
Hello,
Do you need the server log file for the stacktrace or do you want me to
execute a special command to get it ?
2015-03-23 10:23 GMT+01:00 Jochen Schalanda joc...@torch.sh
:
Hi Jean-Luc,
that looks like a bug in Graylog's code. Could you please create an issue
at GitHub
Hi Avdhoot,
messages are tagged with the streams they've matched at ingestion time, so
you can simply search for messages of a specific stream by adding the
stream ID to the query, e. g. if the stream you'd like to search in has the
ID *548b1c18cafebabedeadbeef*, your query might be as simple
Hi Mike,
the error message We expected HTTP 200, but got a HTTP -1. is usually a
sign of a timeout in the communications of the web interface with Graylog.
You can increase the timeout for example to 10 seconds by adding the
following line to your graylog-web-interface.conf:
Hi Roberto,
I hope you're using at least Graylog2 0.92.x and even then I'd recommend
upgrading to Graylog 1.0.0 (it's really easy!).
If the stream URL opens a stream at all and not an error page, it's
supposed to be the correct stream. Maybe the events only happened in a
specific timeframe
Hi Pedro,
whatever your logstash is reading, it's not valid JSON in this case
(unexpected token at 'Uncaught exception! HTTP 500 Internal Server
Error').
Unfortunately it's kind of hard to find out what's wrong without any
further information about your setup, the logstash configuration, and
Hi,
what version of Graylog are you using and which kinds of inputs have you
configured? It's probably some kind of TCP input but details would be
greatly appreciated.
Cheers,
Jochen
On Thursday, 29 January 2015 19:20:58 UTC+1, J. Tozo wrote:
Hi,
I'm trying to figure out why does my
Hi Marcus,
please verify that *message_journal_dir* (
https://github.com/Graylog2/graylog2-server/blob/1.0.0-rc.1/misc/graylog2.conf#L245)
has been set to an existing directory in which Graylog is allowed to write.
We'll improve the error message for this scenario before releasing Graylog
Hi Jean-Luc,
that looks like a bug in Graylog's code. Could you please create an issue
at GitHub (https://github.com/Graylog2/graylog2-server/issues/new) for this
and include the stack trace and ideally the contents of the MongoDB
database
Hi Mike,
without having actually tested it, this should work if the index prefixes (
elasticsearch_index_prefix) are completely distinct, e. g. alpha_ and
beta_.
Cheers,
Jochen
On Monday, 20 April 2015 21:03:36 UTC+2, Mike Daoust wrote:
Is it possible to have 2 or more completely separate
Hello Kasimir,
this feature has been requested before and is being tracked at
https://github.com/Graylog2/graylog2-server/issues/1012.
Cheers,
Jochen
On Monday, 20 April 2015 18:34:20 UTC+2, Kasimir Blaser wrote:
Graylog version 1.1.0
When I add multiple Rules on one Stream, then these
Great, thanks for the feedback, Mike!
On Tuesday, 21 April 2015 17:21:48 UTC+2, Mike Daoust wrote:
In my test an elastic node/cluster can have 2 or more separate graylog
instances write to their own separate indexes and have each instance of
graylog only be able to view only its own index
Hi,
I'm not sure what you're referring to. UDP is, by definition, a
connection-less protocol so there's no connection which your firewalls or
packet filters could track in the first place. Could you please elaborate
on the problem?
Cheers,
Jochen
On Tuesday, 28 April 2015 14:31:08 UTC+2,
one connection for all
messages ?
Any library out there that supports this ?
Thanks a lot,
On Tuesday, 28 April 2015, 16:27:42 UTC+3, Jochen Schalanda wrote:
Hi,
I'm not sure what you're referring to. UDP is, by definition, a
connection-less protocol so there's no connection which your
Hi Nilesh,
unless you have activated the access log for the Graylog REST API (which
would show the user name along with the DELETE request for the stream rule)
there's unfortunately no way to retroactively find out which user deleted the
stream rule.
There's a feature request on GitHub
at
Hi Karim,
it looks like some of your settings are invalid. Please post the relevant
configuration files somewhere (and replace sensitive data like credentials
before) so we can take a look at them.
Cheers,
Jochen
On Tuesday, 28 April 2015 22:14:17 UTC+2, Karim Mousli wrote:
hello everyone
Also, I have another node with Graylog2 0.20, messages from same sources
come to logstash UDP input without problems.
So, I don't think that it is network related problems.
On Thursday, May 7, 2015 at 4:04:26 PM UTC+3, Jochen Schalanda wrote:
Hi Arkadiy,
not all network devices support
Hi Arkadiy,
not all network devices support UDP packets bigger than 8KiB (8192 bytes)
and this seems to be the case on your network somewhere. To circumvent this
restriction, Graylog or more specifically the GELF format supports chunking
which means splitting a large message into multiple UDP
Hi,
could you please elaborate on the problem you're facing?
In general, log messages being sent to Graylog can have timestamps in the
past. That's the case if the messages have been buffered somewhere between
the source and Graylog.
Cheers,
Jochen
On Wednesday, 6 May 2015 13:59:40 UTC+2,
Hi Nilesh,
Graylog is acting as an Elasticsearch node client, which means that it is a
normal part of the Elasticsearch cluster and just doesn't store any indexed
messages or act as an Elasticsearch master node.
Since Graylog is essentially a part of the Elasticsearch cluster, it can
route
Hi Steven,
you can have MySQL log errors into syslog via the --syslog options for
mysqld, see
https://dev.mysql.com/doc/refman/5.7/en/mysqld-safe.html#option_mysqld_safe_syslog
and
http://mysqlserverteam.com/logging-with-mysql-error-logging-to-syslog-eventlog/
.
If you want to additionally
Hi Alejandro,
the hardware specs you've mentioned are totally fine. You could probably
get along with a quarter of that and still handle some load spikes over the
mentioned 300 msg/s.
Please check the logs of your Graylog server for any (error) messages
regarding Elasticsearch. Messages do
Hi Russel,
are the messages also truncated in the web interface if you check the
stream? There's no deliberate truncation of the messages in the backlog
(which is the list of messages that matched the alert condition when the
alert check ran), so I just want to make sure that the original
Hi Michael,
Graylog currently doesn't support processing XML (or any other structured
format) inside of message attributes, so the best you could do is either
trying to use some extractors to get to the interesting information in that
message attribute or preprocess the messages with another
suggestions would be greatly appreciated.
Thank you!
On Friday, May 15, 2015 at 4:43:14 AM UTC-4, Jochen Schalanda wrote:
Hi Russel,
are the messages also truncated in the web interface if you check the
stream? There's no deliberate truncation of the messages in the backlog
(which is the list
Hi Roddy,
for the first option you've described (creating a stream matching all
messages), you basically just need to create a stream with a single stream
rule which checks for the presence of a field that's always there, like
timestamp or message. Please refer to the documentation
at
Hi Alberto,
the indexed message format used by Graylog is different from the format
used by logstash. Additionally, Graylog only uses indices which start with
the configured index prefix
(https://github.com/Graylog2/graylog2-server/blob/1.0.2/misc/graylog2.conf#L138-139).
In other words, you
MB*
*Is it possible to grow up from 972 MB to 4 GB ??? How ???*
*Thanks*
2015-04-15 4:54 GMT-03:00 Jochen Schalanda joc...@graylog.com:
Hi Alejandro,
starting with Graylog 1.0.0, incoming messages are always written to the
disk journal (which is generally a good thing). You can disable
Hi Mark,
aggregations like counts of results or grouping them by a certain attribute
is currently not supported by Graylog.
Cheers,
Jochen
On Friday, 10 April 2015 23:41:33 UTC+2, Mark Moorcroft wrote:
This is probably a dumb newb question, but at this moment it's not obvious
to me. If I
Hi,
dashboards or generally the Graylog web interface currently do not support
anonymous access. You will always need a valid user account to access the
dashboards.
Cheers,
Jochen
On Tuesday, 14 April 2015 18:04:56 UTC+2, rmatrono wrote:
Is it possible to grant anonymous access to certain
Hi Maksim,
the Kafka input in Graylog 1.0.x currently only supports a proprietary
message format used in conjunction with Graylog Radio. We will probably add
additional message formats to the Kafka input in Graylog 1.1.0 (see
https://github.com/Graylog2/graylog2-server/issues/322).
Cheers,
Hi Florent,
Graylog works fine with Elasticsearch 1.5.0 and you can upgrade, if you
want to. I would recommend upgrading to Elasticsearch 1.4.4 at least.
Cheers,
Jochen
On Thursday, 9 April 2015 09:46:27 UTC+2, Florent B wrote:
Hi,
I'm running Graylog 1 with ES 1.4.1.
I would like to
Hi Jesse,
you could achieve something like you've described with streams (see
http://docs.graylog.org/en/1.0/pages/streams.html) where every stream
contains the messages of one tenant. For this to work, you'd have to create
each stream for each tenant explicitly, there's no automatism for it
.
Would this help or should I just copy the file to a different location and
delete the source with the help of curator.
Any ideas to include log rotation policy roles into elastic search in the
future release.
Thanks,
Hema
On Friday, April 3, 2015 at 3:23:35 PM UTC+5:30, Jochen
Hi Ubay,
the default timezone for a user is UTC.
Cheers,
Jochen
On Wednesday, 8 April 2015 09:48:29 UTC+2, Ubay wrote:
Hello,
My version of graylog is 1.0.1 and I want to know which is the default
time zone for the users if none is selected.
I have created a new user and is not
Hi Ubay,
that's currently not possible.
Cheers,
Jochen
On Wednesday, 8 April 2015 10:52:02 UTC+2, Ubay wrote:
Thank you
Is there any way to change the default time zone for new LDAP users?
Regards.
On Wednesday, 8 April 2015, 9:43:07 (UTC+1), Jochen Schalanda
wrote:
Hi
Hi Claudio,
please refer to the logstash manual
at https://www.elastic.co/guide/en/logstash/current/index.html
Cheers,
Jochen
On Wednesday, 20 May 2015 12:29:32 UTC+2, Claudio Fiordi wrote:
Is there a specific command ?
On Wednesday, 20 May 2015 12:28:20 UTC+2, Jochen Schalanda
Hi Claudio,
you can happily run the logstash process on the same machine as Graylog.
Cheers,
Jochen
On Wednesday, 20 May 2015 12:21:15 UTC+2, Claudio Fiordi wrote:
But logstash must be a distinct machine??
--
You received this message because you are subscribed to the Google Groups
Hi Claudio,
I'm not completely sure I understand what you want to achieve. In case you
want to read emails from an email server and process them via Graylog,
that's not possible out-of-the-box right now.
There is an IMAP input for logstash
Hi Roddy,
once the user has selected a stream from the streams overview page (might
be just the one stream the user has access to) and the actual stream page
opens, there will be a search bar at the top.
Hi Daniel,
you could use index templates for this
(https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-templates.html)
but Graylog has not been tested with other data types in Elasticsearch, so
you're on your own if any errors occur due to the index mapping changes.
Hi Alberto,
Graylog isn't imposing any index mapping (well, only a very minimal one) to
the messages being indexed into Elasticsearch. This means that
Elasticsearch is trying on a best-effort basis to guess the type of the
message attributes. If the *wait_time* attribute only ever contained
Hi Mark,
please check the logs of both Graylog servers and of the web interface. At
least in the web interface logs there should be some messages if an error
page was shown. Also make sure that you're also running the latest web
interface if you're running the latest version of Graylog server.
Hi,
there's an issue/pull request on GitHub for tracking this regression and it
will probably be part of the next version of
Graylog: https://github.com/Graylog2/graylog2-web-interface/pull/1446
Cheers,
Jochen
On Friday, 5 June 2015 19:01:35 UTC+2, fungusakafungus wrote:
Since graylog 1.1
Hi Nilesh,
you can use the time-based index rotation strategy
(see
https://github.com/Graylog2/graylog2-server/blob/1.1.1/misc/graylog2.conf#L89-95)
to rotate indices every month (or every week or basically any interval
you'd like) and then use the standard Elasticsearch means to backup
in production since 1 weeks and
are seeing 1k+ messages per second. So far so good. Only thing missing is
data security/protection from Elastic Search ;-(
On Wednesday, June 24, 2015 at 2:22:42 AM UTC-7, Jochen Schalanda wrote:
Hi Sreenath,
Graylog 1.1.3 is a drop-in replacement for Graylog
Hi Pete,
upgrading from Graylog 1.0.2 to Graylog 1.1.3 is basically a drop-in
replacement. Just install the new version and use your old configuration
file. We recommend upgrading Elasticsearch to version 1.5.2 or 1.6.0,
though.
Cheers,
Jochen
On Wednesday, 24 June 2015 03:33:16 UTC+2, Peter
Hi Sreenath,
Graylog 1.1.3 is a drop-in replacement for Graylog 1.1.2 (and any other
Graylog 1.1.x version). There have been no changes to the configuration
file.
Cheers,
Jochen
On Wednesday, 24 June 2015 05:44:55 UTC+2, Sreenath V wrote:
Upgrading from 1.1.2 to 1.1.3, were there any changes
Hi Alex,
you'll have to remove the write block from those indices before you can
remove
documents:
https://www.elastic.co/guide/en/elasticsearch/reference/1.6/indices-update-settings.html
Cheers,
Jochen
On Wednesday, 24 June 2015 11:27:04 UTC+2, Alex B. wrote:
When using wildcards, I get
Hi Nik,
Graylog itself doesn't support anomaly detection at the moment but you
could integrate it with something like Riemann (http://riemann.io/) using
the Riemann Output plugin (
https://github.com/Graylog2/graylog2-plugin-output-riemann).
Cheers,
Jochen
On Wednesday, 24 June 2015 14:36:11
...We are already live in production since 1 weeks and
are seeing 1k+ messages per second. So far so good. Only thing missing is
data security/protection from Elastic Search ;-(
On Wednesday, June 24, 2015 at 2:22:42 AM UTC-7, Jochen Schalanda wrote:
Hi Sreenath,
Graylog 1.1.3 is a drop
Hi,
the upgrade path depends on which version you're trying to upgrade from.
Which version of Graylog2 are you currently running?
Cheers,
Jochen
On Friday, 26 June 2015 19:34:05 UTC+2, slhac tivist wrote:
How can I upgrade from graylog2 to graylogv1.1.3?
Hi,
Graylog2 was the old name of the project prior to Graylog 1.0.0 and there
are still some references left when changing the name from Graylog2 to
Graylog didn't warrant the effort, like the Java source package names or
some references in the configuration file and scripts. They will vanish
Hi Alex,
while we haven't extensively tested Graylog 1.1.2 with Elasticsearch 1.6.0,
it should work out of the box as the Elasticsearch binary transport
protocol hasn't changed in an incompatible way.
Cheers,
Jochen
On Thursday, 11 June 2015 12:28:59 UTC+2, Alex B. wrote:
Hello ! Is Graylog
Hi Mark,
input configurations are being stored inside MongoDB and are linked to the
node ID. If your slave Graylog instance is either using another node ID
or isn't able to access the MongoDB with the input configurations, you'll
see the message (deleted input on outdated node) in the web
Hi Pete,
which browser (exact version and operating system) are you using? I've just
tried to reproduce this on Chrome 43.0.2357.81 and Safari 8.0.6 on Mac OS X
10.10 but the functionality worked.
Do you see any error messages in your browser's JavaScript console?
Cheers,
Jochen
On Monday,
by mistake.
On Tuesday, June 16, 2015 at 1:18:53 AM UTC-7, Jochen Schalanda wrote:
Hi Mark,
you could probably create read-only users and assign them to a stream
with messages relevant to them.
Cheers,
Jochen
Hi Guido,
I could reproduce the issue and it will be fixed in Graylog 1.1.3
(https://github.com/Graylog2/graylog2-web-interface/issues/1492). Thanks
for reporting the bug!
Cheers,
Jochen
On Wednesday, 17 June 2015 09:41:12 UTC+2, Guido Kölsch wrote:
Hi Jochen,
yes, the export was working
:23:43 UTC+2, Nilesh Date wrote:
Hi Jochen,
Thanks for the reply.
A question regarding restoration: Is it possible to restore data from
specific time interval instead of whole Indices or snapshot ?
Thanks,
*Nilesh Date*
On Tue, Jun 9, 2015 at 5:35 PM, Jochen Schalanda wrote:
Hi Nilesh
Hi Guido,
did the CSV export work with the same setup on Graylog 1.0.x? If so, please
create a bug report for that at
https://github.com/Graylog2/graylog2-server/issues/new. Thanks!
How do you try to start the export, in the web interface or directly with
the Graylog REST API?
Cheers,
ability to users without making them an
admin on the master?
On Monday, June 15, 2015 at 6:17:23 AM UTC-7, Jochen Schalanda wrote:
Hi Mark,
input configurations are being stored inside MongoDB and are linked to
the node ID. If your slave Graylog instance is either using another node
ID
Hi Jesse,
how exactly are you searching for those fields? Please be aware that
additional fields aren't analyzed and thus wildcard search (e. g.
syslogprog:fire*) won't work.
Cheers,
Jochen
On Thursday, 28 May 2015 04:02:21 UTC+2, Jesse Skrivseth wrote:
So I have a collection of Grok
Hi Lily,
please refer to the rsyslog documentation for examples:
-
http://www.rsyslog.com/doc/v8-stable/configuration/modules/mmnormalize.html
-
http://www.rsyslog.com/doc/v8-stable/configuration/modules/mmjsonparse.html
- http://www.rsyslog.com/tag/structured-data/
Cheers,
Hi Lily,
please consult the official rsyslog support channels for detailed questions
about rsyslog configuration: http://www.rsyslog.com/doc/free_support.html
Cheers,
Jochen
On Thursday, 28 May 2015 13:55:35 UTC+2, Lily Chadha wrote:
Hi Jochen,
After loading mmjsonparse, I am still getting
Hi,
you can find the init scripts for Graylog in the fpm-recipes (
https://github.com/Graylog2/fpm-recipes) repository, e. g. the Debian SysV
init script at
https://github.com/Graylog2/fpm-recipes/blob/1.1/recipes/graylog-server/files/debian/init.d
.
Cheers,
Jochen
On Monday, 6 July 2015
Hi Mark,
thanks for your praise! Of course we would've liked not to release Graylog
1.1.1 and 1.1.2 in such short succession, but the latest release should be
fine now. ;-)
Regarding your question about Elasticsearch, there are just a few smaller
bugfixes and a non-critical security fix in
Just for the record: The problem was a missing database name in the
mongodb_uri setting
(https://github.com/Graylog2/graylog2-server/blob/1.1.2/misc/graylog2.conf#L311-313)
which caused an unfortunate chain reaction while initializing the object
graph on startup. We've made this error
Hi Alberto,
with data you probably mean the indexed messages, i. e. the on-disk
Elasticsearch indices. In this case you have to change the *path.data*
setting in your Elasticsearch configuration file (see
Hi Vijayindu,
what kind of input did you create in Graylog to receive the messages from
Fluentd? As far as I know, it currently only supports GELF via UDP, so
you'll need a GELF UDP input in Graylog.
Cheers,
Jochen
On Tuesday, 26 May 2015 10:11:17 UTC+2, Vijayindu Gamage wrote:
Hi All,
I
Additionally I just found https://www.opencsw.org/package/syslog_ng/ which
might just help you…
On Tuesday, 26 May 2015 15:33:36 UTC+2, Jochen Schalanda wrote:
Hi Nilesh,
at least Solaris 11.1 and later seems to provide rsyslog (almost) out of
the box:
http://www.c0t0d0s0.org/archives
Hi Nilesh,
at least Solaris 11.1 and later seems to provide rsyslog (almost) out of
the box:
http://www.c0t0d0s0.org/archives/7631-Less-known-Solaris-11.1-features-rsyslog.html.
You might want to use this as a replacement for syslog-ng.
Other than that there seems to be
?
- Windows event log support
- Windows service support (runs as a Windows service)
are there more details?
Alberto
2015-05-21 14:48 GMT+02:00 Jochen Schalanda joc...@graylog.com:
Hi Alberto,
currently it's not possible to run multiple retention strategies within
Graylog and it won't
Hi Jason,
I hear that some form of geoip support is expected in graylog-1.2?
That's currently not planned.
Cheers,
Jochen
On Wednesday, 12 August 2015 23:01:52 UTC+2, Jason Haar wrote:
Hi there
I hear that some form of geoip support is expected in graylog-1.2? As
such, what can I do
Hi Jason,
we'll update the product idea items accordingly. Thanks for bringing this
to our attention!
Cheers,
Jochen
On Thursday, 13 August 2015 00:28:46 UTC+2, Jason Haar wrote:
On 13/08/15 09:06, Jochen Schalanda wrote:
Hi Jason,
I hear that some form of geoip support is expected
Hi Simon,
support for HTTPS in the GELF HTTP input will be added in Graylog 1.2.0. If
you cannot wait that long, you could put a reverse proxy or a small tool
like stunnel (https://www.stunnel.org/index.html) in front of the input.
Cheers,
Jochen
On Thursday, 13 August 2015 10:08:59 UTC+2,
Hi Gangadhar,
currently only Graylog's own resources are being scanned and made available
in the API browser. Please add a feature request
at https://github.com/Graylog2/graylog2-server/issues/new if you think that
the JAX-RS resources of plugins should be listed as well.
Cheers,
Jochen
On
Hi,
are there any more details about the SearchPhaseExecutionException in the
Graylog server logs (like a complete stack trace or details on the shard
failures) or general error messages in the Elasticsearch logs?
Cheers,
Jochen
On Wednesday, 19 August 2015 15:42:17 UTC+2, Graylog2 wrote:
Hi,
this problem is related to the dynamic index mapping created by
Elasticsearch. See https://github.com/Graylog2/graylog2-server/issues/903
and https://github.com/Graylog2/graylog2-server/issues/1063 for related
issues and possible workarounds.
Cheers,
Jochen
On Wednesday, 19 August 2015
Hi Ed,
you'll have to modify the log4j configuration file (see
https://github.com/Graylog2/graylog2-server/blob/1.1.6/graylog2-bootstrap/src/main/resources/log4j.xml
and
https://logging.apache.org/log4j/1.2/apidocs/org/apache/log4j/PatternLayout.html)
used by Graylog and probably set the
Hi Vincent,
which Servlet container are you using? Which web framework (if one at all)?
And are you sure that Log4j has been the log framework being used in your
application?
Cheers,
Jochen
On Friday, 21 August 2015 05:28:59 UTC+2, Vincent Aprilius wrote:
Hi Jochen,
now I am trying using
Hi Guido,
there's a 3rd party syslog output plugin for Graylog (
https://github.com/dfch/biz.dfch.j.graylog.plugin.output.syslogoutput)
which you could use to send messages from a stream to a remote syslog
daemon which in turn can write those logs to disk.
Other than that I'm not aware of a
Hi Hayder,
aggregations (like count, grouping by a message attribute, etc.) are
currently not supported by Graylog.
Cheers,
Jochen
On Friday, 21 August 2015 10:14:58 UTC+2, Hayder Abbass wrote:
Hello,
We are thinking of using Graylog to collect logs data that will be later
used to
that client in collector. But it's not showing any logs.
Regards,
Ankur Goyal
On Aug 21, 2015 4:26 PM, Jochen Schalanda wrote:
Hi Ankur,
are there any error messages in the logs of the Graylog Collector? Can
the Graylog Collector reach the REST API of the configured Graylog server
node
Hi Kevin,
by default (and especially on Raw/Plaintext inputs) message timestamps are
stored in UTC. Maybe you didn't change the timezone settings of your
user(s) to match the actual timezone in your place?
Cheers,
Jochen
On Sunday, 23 August 2015 14:53:51 UTC+2, Kevin Johnson wrote:
I’m
101 - 200 of 1677 matches