Hi Joshua,

Graylog is expecting the message indexed into Elasticsearch to be in a very 
specific format. I'd suggest that you send those messages to Graylog (e.g. 
as GELF messages) instead of using the "side channel" of indexing those 
into Elasticsearch directly.

Additionally, some Graylog features like streams won't work if you don't 
index those messages via Graylog.


Cheers,
Jochen

On Thursday, 21 January 2016 14:29:42 UTC+1, Joshua Stelten wrote:
>
> So we've set up a Graylog server to test a few things and maybe use it for 
> our company later.
> We want to send our own messages through the Elasticsearch API using a curl 
> XPUT command.
> If we use an XGET command, then it finds our log message.
> If we look at the indices page in the Graylog interface we can see that it 
> has stored our messages, but if we go and search them through the interface 
> it shows up empty.
> We also tried to establish a UDP input to test if Graylog even finds 
> something.
> If we send messages through UDP, then Graylog finds those messages.
> But it still doesn't find the ones we put into Elasticsearch directly, while 
> the index page still says that all those messages are there (both UDP and 
> XPUT).
>
> Does anyone know how we can get all messages to show up in the search?
>
> Thank you!
>
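
Sending a message to Graylog as GELF, as suggested in the reply above, can look like the following (an added example, not part of the thread and not Graylog's own code). It assumes a GELF UDP input listening on 127.0.0.1:12201; the host name, the extra field and the helper names are constructed for illustration.

```python
import json, os, socket, struct, time, zlib

CHUNK_MAGIC = b"\x1e\x0f"   # marks a GELF chunk datagram
MAX_CHUNKS = 128            # GELF allows at most 128 chunks per message

def build_gelf(host, short_message, level=6, **extra):
    """Return a GELF 1.1 message as a dict; extra fields get the '_' prefix."""
    if "id" in extra:
        raise ValueError("'_id' is a reserved GELF field name")
    msg = {"version": "1.1", "host": host, "short_message": short_message,
           "timestamp": time.time(), "level": level}
    msg.update({"_" + key: value for key, value in extra.items()})
    return msg

def encode_datagrams(msg, chunk_size=1420):
    """zlib-compress the JSON; split into GELF chunks if it exceeds chunk_size."""
    data = zlib.compress(json.dumps(msg).encode("utf-8"))
    if len(data) <= chunk_size:
        return [data]
    body = chunk_size - 12  # chunk header: 2 magic + 8 id + 1 seq + 1 count
    parts = [data[i:i + body] for i in range(0, len(data), body)]
    if len(parts) > MAX_CHUNKS:
        raise ValueError("message too large for GELF UDP")
    msg_id = os.urandom(8)  # same id on every chunk of one message
    return [CHUNK_MAGIC + msg_id + struct.pack("BB", seq, len(parts)) + part
            for seq, part in enumerate(parts)]

def send_gelf(msg, server="127.0.0.1", port=12201):
    """Send one GELF message to a GELF UDP input (address is an assumption)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for datagram in encode_datagrams(msg):
            sock.sendto(datagram, (server, port))

if __name__ == "__main__":
    # Constructed sample message; adjust server/port to your own input.
    send_gelf(build_gelf("app01.example.org", "constructed test message",
                         source_app="demo"))
```

Messages that arrive through an input this way are processed and indexed by Graylog itself, so they are written in the format the search and streams expect.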
