First time setting up Graylog and Elasticsearch Receiving the errors in the subject line.
Configs and logs below: ES yml cluster.name: graylog2 network.bind_host: localhost http.port: 9200 discovery.zen.ping.unicast.hosts: 127.0.0.1 script.inline: off script.indexed: off Graylog server.conf is_master = true node_id_file = /etc/graylog/server/node-id password_secret = <secret> root_password_sha2 = <secret> plugin_dir = /usr/share/graylog-server/plugin rest_listen_uri = http://127.0.0.1:12900/ rotation_strategy = count elasticsearch_max_docs_per_index = 20000000 rotation_strategy = count elasticsearch_max_docs_per_index = 20000000 elasticsearch_max_number_of_indices = 20 retention_strategy = delete elasticsearch_max_number_of_indices = 20 retention_strategy = delete elasticsearch_shards = 4 elasticsearch_replicas = 0 elasticsearch_index_prefix = graylog allow_leading_wildcard_searches = false allow_highlighting = false elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1 elasticsearch_analyzer = standard output_batch_size = 500 output_flush_interval = 1 output_fault_count_threshold = 5 output_fault_penalty_seconds = 30 processbuffer_processors = 5 outputbuffer_processors = 3 processor_wait_strategy = blocking ring_size = 65536 inputbuffer_ring_size = 65536 inputbuffer_processors = 2 inputbuffer_wait_strategy = blocking message_journal_enabled = true message_journal_dir = /var/lib/graylog-server/journal lb_recognition_period_seconds = 3 mongodb_uri = mongodb://localhost/graylog mongodb_max_connections = 1000 mongodb_threads_allowed_to_block_multiplier = 5 content_packs_dir = /usr/share/graylog-server/contentpacks content_packs_auto_load = grok-patterns.json graylog-server.log 2016-05-16T15:06:11.556-04:00 INFO [CmdLineTool] Loaded plugins: [Anonymous Usage Statistics 2.0.1 [org.graylog.plugins.usagestatistics.UsageStatsPlugin], Pipeline Processor Plugin 1.0.0-beta.3 [org.graylog.plugins.pipelineprocessor.ProcessorPlugin], Collector 1.0.1 [org.graylog.plugins.collector.CollectorPlugin], MapWidgetPlugin 1.0.1 [org.graylog.plugins.map.MapWidgetPlugin], Enterprise Integration Plugin 1.0.1 [org.graylog.plugins.enterprise_integration.EnterpriseIntegrationPlugin]] 2016-05-16T15:06:11.666-04:00 INFO [CmdLineTool] Running with JVM arguments: -Xms1g -Xmx1g -XX:NewRatio=1 -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow -Dlog4j.configurationFile=file:///etc/graylog/server/log4j2.xml -Djava.library.path=/usr/share/graylog-server/lib/sigar -Dgraylog2.installation_source=rpm 2016-05-16T15:06:14.252-04:00 INFO [InputBufferImpl] Message journal is enabled. 2016-05-16T15:06:14.480-04:00 INFO [LogManager] Loading logs. 2016-05-16T15:06:14.579-04:00 INFO [LogManager] Logs loading complete. 2016-05-16T15:06:14.580-04:00 INFO [KafkaJournal] Initialized Kafka based journal at /var/lib/graylog-server/journal 2016-05-16T15:06:14.614-04:00 INFO [InputBufferImpl] Initialized InputBufferImpl with ring size <65536> and wait strategy <BlockingWaitStrategy>, running 2 parallel message handlers. 2016-05-16T15:06:14.657-04:00 INFO [cluster] Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000} 2016-05-16T15:06:14.694-04:00 INFO [cluster] No server chosen by ReadPreferenceServerSelector{readPreference=primary} from cluster description ClusterDescription{type=UNKNOWN, connectionMode=SINGLE, all=[ServerDescription{address=localhost:27017, type=UNKNOWN, state=CONNECTING}]}. Waiting for 30000 ms before timing out 2016-05-16T15:06:14.738-04:00 INFO [connection] Opened connection [connectionId{localValue:1, serverValue:93}] to localhost:27017 2016-05-16T15:06:14.740-04:00 INFO [cluster] Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[3, 2, 6]}, minWireVersion=0, maxWireVersion=4, maxDocumentSize=16777216, roundTripTimeNanos=694440} 2016-05-16T15:06:14.750-04:00 INFO [connection] Opened connection [connectionId{localValue:2, serverValue:94}] to localhost:27017 2016-05-16T15:06:15.005-04:00 INFO [NodeId] Node ID: b8f9b2e6-ce5f-451a-b8b4-4109281c831d 2016-05-16T15:06:15.106-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] version[2.3.2], pid[9867], build[b9e4a6a/2016-04-21T16:03:47Z] 2016-05-16T15:06:15.106-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] initializing ... 2016-05-16T15:06:15.117-04:00 INFO [plugins] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] modules [], plugins [graylog-monitor], sites [] 2016-05-16T15:06:17.040-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] initialized 2016-05-16T15:06:17.138-04:00 INFO [Version] HV000001: Hibernate Validator 5.2.4.Final 2016-05-16T15:06:17.396-04:00 INFO [ProcessBuffer] Initialized ProcessBuffer with ring size <65536> and wait strategy <BlockingWaitStrategy>. 2016-05-16T15:06:19.909-04:00 INFO [RulesEngineProvider] No static rules file loaded. 2016-05-16T15:06:19.973-04:00 INFO [connection] Opened connection [connectionId{localValue:3, serverValue:95}] to localhost:27017 2016-05-16T15:06:20.177-04:00 WARN [GeoIpResolverEngine] GeoIP database file does not exist: /tmp/GeoLite2-City.mmdb 2016-05-16T15:06:20.192-04:00 INFO [OutputBuffer] Initialized OutputBuffer with ring size <65536> and wait strategy <BlockingWaitStrategy>. 2016-05-16T15:06:20.858-04:00 INFO [ServerBootstrap] Graylog server 2.0.1 (81e0187) starting up 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] JRE: Oracle Corporation 1.8.0_91 on Linux 3.10.0-327.el7.x86_64 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] Deployment: rpm 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] OS: CentOS Linux 7 (Core) (centos) 2016-05-16T15:06:20.859-04:00 INFO [ServerBootstrap] Arch: amd64 2016-05-16T15:06:20.865-04:00 WARN [DeadEventLoggingListener] Received unhandled event of type <org.graylog2.plugin.lifecycles.Lifecycle> from event bus <AsyncEventBus{graylog-eventbus}> 2016-05-16T15:06:20.915-04:00 INFO [PeriodicalsService] Starting 24 periodicals ... 2016-05-16T15:06:20.916-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThroughputCalculator] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.920-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.AlertScannerThread] periodical in [10s], polling every [60s]. 2016-05-16T15:06:20.927-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] starting ... 2016-05-16T15:06:20.930-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.930-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterHealthCheckThread] periodical in [0s], polling every [20s]. 2016-05-16T15:06:20.955-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ContentPackLoaderPeriodical] periodical, running forever. 2016-05-16T15:06:20.956-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.GarbageCollectionWarningThread] periodical, running forever. 2016-05-16T15:06:20.957-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexerClusterCheckerThread] periodical in [0s], polling every [30s]. 2016-05-16T15:06:20.958-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRetentionThread] periodical in [0s], polling every [300s]. 2016-05-16T15:06:20.959-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRotationThread] periodical in [0s], polling every [10s]. 2016-05-16T15:06:20.960-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.NodePingThread] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.962-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.VersionCheckThread] periodical in [300s], polling every [1800s]. 2016-05-16T15:06:20.965-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThrottleStateUpdaterThread] periodical in [1s], polling every [1s]. 2016-05-16T15:06:20.967-04:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventPeriodical] periodical in [0s], polling every [1s]. 2016-05-16T15:06:20.968-04:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventCleanupPeriodical] periodical in [0s], polling every [300s]. 2016-05-16T15:06:20.970-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterIdGeneratorPeriodical] periodical, running forever. 2016-05-16T15:06:20.971-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesMigrationPeriodical] periodical, running forever. 2016-05-16T15:06:20.972-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesCleanupPeriodical] periodical in [15s], polling every [3600s]. 2016-05-16T15:06:20.974-04:00 INFO [IndexRetentionThread] Elasticsearch cluster not available, skipping index retention checks. 2016-05-16T15:06:20.997-04:00 INFO [connection] Opened connection [connectionId{localValue:4, serverValue:96}] to localhost:27017 2016-05-16T15:06:21.002-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:06:21.004-04:00 INFO [connection] Opened connection [connectionId{localValue:7, serverValue:99}] to localhost:27017 2016-05-16T15:06:21.011-04:00 INFO [connection] Opened connection [connectionId{localValue:5, serverValue:97}] to localhost:27017 2016-05-16T15:06:21.025-04:00 INFO [connection] Opened connection [connectionId{localValue:6, serverValue:98}] to localhost:27017 2016-05-16T15:06:21.039-04:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.UserPermissionMigrationPeriodical] periodical. Not configured to run on this node. 2016-05-16T15:06:21.040-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.AlarmCallbacksMigrationPeriodical] periodical, running forever. 2016-05-16T15:06:21.040-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.ConfigurationManagementPeriodical] periodical, running forever. 2016-05-16T15:06:21.077-04:00 INFO [Periodicals] Starting [org.graylog2.periodical.LdapGroupMappingMigration] periodical, running forever. 2016-05-16T15:06:21.081-04:00 INFO [Periodicals] Starting [org.graylog.plugins.usagestatistics.UsageStatsNodePeriodical] periodical in [300s], polling every [21600s]. 2016-05-16T15:06:21.093-04:00 INFO [Periodicals] Starting [org.graylog.plugins.usagestatistics.UsageStatsClusterPeriodical] periodical in [300s], polling every [21600s]. 2016-05-16T15:06:21.094-04:00 INFO [Periodicals] Starting [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] periodical in [0s], polling every [3600s]. 2016-05-16T15:06:21.291-04:00 INFO [transport] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] publish_address {127.0.0.1:9350}, bound_addresses {[::1]:9350}, {127.0.0.1:9350} 2016-05-16T15:06:21.306-04:00 INFO [discovery] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] graylog/UaTjI60mTkWrF7IVhIEGhg 2016-05-16T15:06:21.455-04:00 INFO [AbstractJerseyService] Enabling CORS for HTTP endpoint 2016-05-16T15:06:24.333-04:00 WARN [discovery] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] waited for 3s and no initial state was set by the discovery 2016-05-16T15:06:24.334-04:00 INFO [node] [graylog-b8f9b2e6-ce5f-451a-b8b4-4109281c831d] started 2016-05-16T15:06:24.547-04:00 INFO [NetworkListener] Started listener bound to [127.0.0.1:9000] 2016-05-16T15:06:24.550-04:00 INFO [HttpServer] [HttpServer] Started. 2016-05-16T15:06:24.551-04:00 INFO [WebInterfaceService] Started Web Interface at <http://127.0.0.1:9000/> 2016-05-16T15:06:29.343-04:00 WARN [IndexerSetupService] Could not connect to Elasticsearch 2016-05-16T15:06:29.344-04:00 INFO [IndexerSetupService] If you're using multicast, check that it is working in your network and that Elasticsearch is accessible. Also check that the cluster name setting is correct. 2016-05-16T15:06:29.344-04:00 INFO [IndexerSetupService] See http://docs.graylog.org/en/2.0/pages/configuring_es.html for details. 2016-05-16T15:06:29.676-04:00 INFO [NetworkListener] Started listener bound to [127.0.0.1:12900] 2016-05-16T15:06:29.677-04:00 INFO [HttpServer] [HttpServer-1] Started. 2016-05-16T15:06:29.677-04:00 INFO [RestApiService] Started REST API at <http://127.0.0.1:12900/> 2016-05-16T15:06:29.678-04:00 INFO [ServiceManagerListener] Services are healthy 2016-05-16T15:06:29.679-04:00 INFO [InputSetupService] Triggering launching persisted inputs, node transitioned from Uninitialized [LB:DEAD] to Running [LB:ALIVE] 2016-05-16T15:06:29.682-04:00 INFO [ServerBootstrap] Services started, startup times in ms: {InputSetupService [RUNNING]=5, MetricsReporterService [RUNNING]=57, KafkaJournal [RUNNING]=57, BufferSynchronizerService [RUNNING]=58, OutputSetupService [RUNNING]=78, PeriodicalsService [RUNNING]=230, JournalReader [RUNNING]=267, WebInterfaceService [RUNNING]=3633, IndexerSetupService [RUNNING]=8430, RestApiService [RUNNING]=8781} 2016-05-16T15:06:29.687-04:00 INFO [ServerBootstrap] Graylog server up and running. 2016-05-16T15:06:35.972-04:00 INFO [IndexRangesCleanupPeriodical] Skipping index range cleanup because the Elasticsearch cluster is unreachable or unhealthy 2016-05-16T15:07:20.966-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:07:50.969-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:08:20.973-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:08:50.977-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:09:20.980-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:09:50.984-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:10:20.989-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:10:50.993-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:11:20.959-04:00 INFO [IndexRetentionThread] Elasticsearch cluster not available, skipping index retention checks. 2016-05-16T15:11:20.998-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:11:51.001-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2016-05-16T15:11:51.140-04:00 ERROR [UsageStatsClusterPeriodical] Uncaught exception in periodical org.elasticsearch.discovery.MasterNotDiscoveredException at org.elasticsearch.action.support.master.TransportMasterNodeAction$AsyncSingleAction$5.onTimeout(TransportMasterNodeAction.java:226) ~[graylog.jar:?] at org.elasticsearch.cluster.ClusterStateObserver$ObserverClusterStateListener.onTimeout(ClusterStateObserver.java:236) ~[graylog.jar:?] at org.elasticsearch.cluster.service.InternalClusterService$NotifyTimeout.run(InternalClusterService.java:804) ~[graylog.jar:?] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_91] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_91] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_91] 2016-05-16T15:12:21.005-04:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. Any help would be greatly appreciated. Thanks. EP -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2aade4f7-c338-4b00-a1ba-f8eefd130235%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
