I am having a problem with my graylog server starting.
The issue is very similar to the following threads:
https://groups.google.com/d/msg/graylog2/JbotTATqAiw/udb_ANd_AAAJ
https://groups.google.com/d/msg/graylog2/WJlpfZ9J38E/rh3YA5bEAgAJ
I do not want to do the latter fix which was to install
Sorry about that.
My server.conf
# cat /etc/graylog/server/server.conf | egrep -v "^$|^#"
is_master = true
node_id_file = /etc/graylog/server/node-id
password_secret =
root_password_sha2 =
root_timezone = UTC
plugin_dir = /usr/share/graylog-server/plugin
rest_listen_uri = http://10.101.10.116
amp;sa=D&sntz=1&usg=AFQjCNGKQHkyjajFMyWj-PpzVjdBycWvBA>
>
> = 127.0.0.1
>
>
> Cheers,
> Jochen
>
> On Friday, 14 October 2016 17:44:51 UTC+2, d3pr3cat3d wrote:
>>
>> Sorry about that.
>>
>> My server.conf
>>
>> # cat /etc/
Hello, I am trying to get geolocation working.
# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
# yum -y install geoip
# geoipupdate
MD5 Digest of installed database is 4cc97d426fbd0af868ae339aa9093061
/usr/share/GeoIP/GeoLiteCountry.dat is up to date, no updates required
GeoIP
, October 20, 2016 at 4:09:31 PM UTC-7, d3pr3cat3d wrote:
Hello, I am trying to get geolocation working.
>
> # cat /etc/redhat-release
> CentOS Linux release 7.2.1511 (Core)
>
> # yum -y install geoip
>
> # geoipupdate
> MD5 Digest of installed database is 4cc97d426fbd0af868ae3
Thanks for the reply. But even if I remove “_geolocation” it still does not
work.
for example:
%{IP:src_mapped_ip}
Or are you saying that I should have a field named “ip_geolocation”? I dont
have one.
I also have another tag named “asa_src_ip” and the same pop error is given.
I am making
Found this in the logs
2016-10-17T14:09:17.003-07:00 ERROR [MapDataResource] Map data query failed:
Invalid geo data term for field "asa_dst_ip": 8.8.8.8 (required: , -
example: 1.23,3.11)
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
Thank you all for your assistance. I got it working.
Obviously, the GeoIP package included in Centos base is not the same DB
that the plugin needs/uses.
What needs to be done is that GeoIP package included with Centos base also
includes geoipupdate, and if you edit /etc/GeoIP.conf and add: Ge
