Hey Bill,
could you tell us a bit more about the frustration you had when trying to build
a plugin, so we can either improve the documentation or the build process?
Kind regards,
D.
> On 31.01.2017, at 06:46, Bill Murrin wrote:
>
> Hi everyone,
>
> I'm attempting to build a web plugi
g doesn't. It is possible that haproxy is
> messing up the etag which is invalidating the browser's cache?
>
> On Tue, Jan 24, 2017 at 5:54 AM, Dennis Oelkers wrote:
> Hey Richard,
>
> thanks for the extensive and very valuable feedback. We put some thought into
>
Hey Richard,
thanks for the extensive and very valuable feedback. We put some thought
into architecting the web interface in a way that it's still usable on
slower connections/lower bandwidths and/or high-latency links, but it seems
we are still not there. Doing this is always a tradeoff betwee
Hey,
> On 04.01.2017, at 15:05, dhef...@gmail.com wrote:
>
> I've installed the Jabber Alarm Callback plugin and found it to be of little
> use and would like to make it a little more informative. It really only tells
> you about a specific stream triggered an alert for some reason but you have
Hey Nathan,
so routing the message into the stream seems to work. The reason why you did
not get an alert mail, is that you need to define an alert condition first. You
do that by clicking “Manage Alerts” in the Streams page next to your stream and
then follow the steps below “Add alert conditi
Hey Brad,
> On 08.09.2016, at 22:15, Brad Schauf wrote:
>
> I am new to this group.
>
> We have a three node Graylog 2.0.3 cluster and a three node Elasticsearch
> cluster.
>
> When the master node is not running, Graylog will still accept a message but
> it will not trigger an http callback
Hey Anant,
it looks like https://172.16.0.78:12900/ is not reachable from your browser.
Please make sure that your browser can connect to the REST API. For further
information, please have a look at
http://docs.graylog.org/en/2.0/pages/configuration/web_interface.html.
Kind regards,
D.
Hey Philipp,
which part of it is slow?
Kr,
D.
> On 19.08.2016, at 13:52, Philipp J. wrote:
>
> We use 2.0.3
>
> Am Donnerstag, 18. August 2016 10:15:32 UTC+2 schrieb Dennis Oelkers:
> Hey Philipp,
>
> which Graylog version are you using? Starting with 2.0, t
Hey Philipp,
which Graylog version are you using? Starting with 2.0, the web interface is a
client side application, which should consume much less resources on the
server, so upgrading might help you.
Kr,
D.
> On 17.08.2016, at 14:55, Philipp J. wrote:
>
> Hello,
>
> is there a pos
umption is correct, that should actually do it. Can you see anything in
your browser’s javascript console?
Kr,
D.
>
>
>
> Thanks again,
>
> Chauncey
>
>
> On Friday, July 1, 2016 at 12:45:18 AM UTC-7, Dennis Oelkers wrote:
> Hey Chauncey,
>
Hey Chauncey,
from your browser’s perspective, where is your server (providing the REST API)
running for the development environment?
You can configure how your development environment is reaching the server by
editing the graylog2-web-interface/config.js file in your local checkout and
adapt
Hey Martin,
we have now implemented a function to disable the proxy for requests going to
localhost. It is already merged and will be included in the next release of
Graylog.
Thanks for your support,
D.
> On 27.05.2016, at 12:19, Dennis Oelkers wrote:
>
>> On 27.05.20
Hey Todd,
what you can do at the moment is that your define streams for each input
(adding rules so that only the messages of this input are routed into the
stream) and then define the users to be readers for the corresponding streams.
Kr,
D.
> On 27.05.2016, at 17:22, Todd Bryant wro
Hey Rakesh,
thanks for contacting us. Could please provide a short overview over the rules
your have configured for your stream and the alert conditions which are not
triggered after a while? Do you see anything in your server log?
Kr,
D.
> On 30.05.2016, at 10:42, Rakesh R wrote:
>
Hey Lukas,
thanks for reporting this. Could you please open an issue on github for this?
(https://github.com/Graylog2/graylog2-server/issues/new)
We will investigate if this is a bug and possibly provide a fix for this.
Kr,
D.
> On 30.05.2016, at 10:46, Lukas Fenner wrote:
>
> Hello A
> On 27.05.2016, at 10:18, Martin René Mortensen
> wrote:
>
>
> On Friday, 27 May 2016 09:39:46 UTC+2, Dennis Oelkers wrote:
> Do you have the http_proxy_uri configuration directive set in your config
> file, by any chance?
>
> ah yes, I do, if it uses the http_p
that it is doing from the host itself
without problems. My guess would be that there is a proxy involved somewhere,
which (naturally) connects to a different localhost.
> On 26.05.2016, at 19:17, Martin René Mortensen
> wrote:
>
>
>
> On Thursday, 26 May 2016 17:20:44 UTC
Hey Nit,
you need to configure Graylog to use authentication for SMTP by using the
relevant configuration directives in your config file:
https://github.com/Graylog2/graylog2-server/blob/master/graylog2-server/src/main/java/org/graylog2/configuration/EmailConfiguration.java#L43-L47
Kind regards
Hey Pranay,
you need to make sure that the browser is able to access the Graylog server’s
REST API port directly, if you want the web interface to work.
Kr,
D.
> On 26.05.2016, at 17:47, Pranay Manwatkar wrote:
>
> ### Problem description
> I am unable to understand why browser is red
What happens when you do
curl -XPOST -u admin -v -H "Accept: application/json" -H "Content-Type:
application/json" -d '{"metrics": []}'
http://10.0.26.10:12900/system/metrics/multiple
on your server node itself?
Kr,
D.
> On 26.05.2016, at 15:55, kaiser wrote:
>
> Hello,
>
> I tried
;disabled","override_source":"","bind_address":"0.0.0.0","tls_cert_file":""},"static_fields":{},"node":null,"id":"5667d434a78e92fb03f07aa5"},{"title":"GELF
> UDP for security logs","glo
> On 26.05.2016, at 10:53, Martin René Mortensen
> wrote:
> Exactly what its saying. but it doesnt make any sense.
> 2016-05-26T09:20:46.527+02:00 WARN [ProxiedResource] Unable to call
> http://localhost:12900/system/metrics/multiple on node
> , result: Service Unavailable
> 2016-05-26T09:20:4
Hey Martin,
> On 26.05.2016, at 09:19, Martin René Mortensen
> wrote:
>
> After upgrading and reconfiguring my apache proxy for the new graylog-server
> 2.0.1 according to
> http://docs.graylog.org/en/2.0/pages/configuring_webif.html I can get it to
> login and see messages, but some pages a
Hi Daniel,
it might be a bit counterintuitive, but it seems like the code is doing exactly
what it’s supposed to do. The point that is probably confusing you, is that you
implicitly assume, that messages which had triggered an alert already, are not
taked into account anymore for future alert c
Hey Daniel,
how did you configure your alert condition?
Kind regards,
D.
> On 23.05.2016, at 08:45, 'Daniel4711' via Graylog Users
> wrote:
>
> Hey Guys,
>
> I´m logging failed logins for testing purposes.
>
> I want to get an Email after 2 messages in the last 5 minutes arrived in
Hi Jamie,
> On 20.05.2016, at 21:27, Jamie Ly wrote:
>
> Does anyone know of a more streamlined interface for the most recent version
> of graylog?
>
>
>
> I checked out https://github.com/Graylog2/graylog2-stream-dashboard which
> kind of works, but is missing the search capabilities of t
Hey Adel,
are your Graylog nodes able to connect to each other’s REST interface? It seems
like the node your web interface is using is not able to connect to the REST
interface of a node you want to view node details of.
Kr,
D.
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
Hey Eric,
regarding point 3: what are your exact security concerns about exposing the
REST API?
Kind regards,
D.
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
TORCH GmbH - A Graylog company
Steckelhörn 11
20457 Hamburg
Germany
Commercial Reg. (Registergericht): Amtsgerich
Hey Jayica,
it looks like the input you are trying to stop does not exist anymore. Are you
sre that it is still existing? Do you still see it in the inputs page after
refreshing?
Kind regards,
D.
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
TORCH GmbH - A Graylog company
Ste
Hey Shravan,
right now there is no builtin way to remove/disable the histogram. You would
need to hack the web interface sources to achieve this.
Why do you want to do this?
Kr,
D.
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
TORCH GmbH - A Graylog company
Steckelhörn 11
Hey Sean,
did you create a GELF TCP (not UDP!) Input on your graylog server on port 12201?
Kr,
D.
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
TORCH GmbH - A Graylog company
Steckelhörn 11
20457 Hamburg
Germany
Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 1
Hey Jesse!
We are planning to implement OR-concatenation of rules for the next major
release of Graylog. This will probably help you a lot for this specific use
case to make stream matching faster. Until then, you could try increasing the
“stream_processing_timeout” tunable in your server confi
Hey David!
How do you send in the logs? Via syslog? My bet is that the timestamps in the
syslog messages are either in the future or in the past (very MUCH in the past,
maybe even before back to the future was shot!). Can you validate this theory?
Kr,
D.
--
Tel.: +49 (0)40 609 452 077
named "range"?
>
>
> On Wednesday, July 1, 2015 at 8:13:27 AM UTC+1, Dennis Oelkers wrote:
> Hey Greg,
>
> your request payload is incorrect. You are passing a field named “relative”
> for the relative time range specification, it needs to be named “range”
> instead
Hey Greg,
your request payload is incorrect. You are passing a field named “relative” for
the relative time range specification, it needs to be named “range” instead.
Also you currently have to pass its value as a String (“0”) although it is
actually a number.
Kr,
D.
--
Tel.: +49 (0)4
hi Dennis,
> thanks for the quick reply,unfortunately this isn't the remedy, because I've
> already done this and followed all the steps in the documentation.
>
> Ben.
>
> On Tuesday, June 30, 2015 at 2:28:50 PM UTC+3, Dennis Oelkers wrote:
> Hey Ben,
>
> you need
Hey Ben,
you need to include a class in your plugin jar, that is defining the bindings
for your plugin classes. In your case it could look like this:
https://gist.github.com/dennisoelkers/1f34ac1ca558a23ce665
Kr,
D.
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
TORCH GmbH
Hey Kumaravel,
you need to define the application.context variable with a context of
“/graylog” in your graylog-web-interface.conf.
Kr,
D.
--
Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078
TORCH GmbH - A Graylog company
Steckelhörn 11
20457 Hamburg
Germany
Commercial Reg. (Re
Hey Cornelius,
On 29.08.2014, at 10:32, cornelius.r...@gmail.com wrote:
> Hello,
> any 2 or three days I get the following message within graylog2:
>
> Processing of a stream has been disabled due to excessive processing time. 16
> minutes ago
> The processing of stream SVP has taken too long f
Hey Shruti,
you can check the API docs for your Graylog2 server version by opening
http://$hostname:$port/api-browser in your browser, after replacing $hostname
and $port with the details of your local graylog2 server.
Kr,
D.
On 12.08.2014, at 09:15, shruti vardhaman wrote:
> Hello,
What do you mean exactly when you say it fails? What happens?
On 08.08.2014, at 09:11, Алексей Лакустов wrote:
> Good day,
>
> We have some problem with Graylog 0.20.6. It fails with 10k messages from
> network device (Cisco ASA) per second.
>
> System:
> OS: Ubuntu 12.4 x64
> CPU: 8 cores
>
Hey Joseph,
do you see any errors in the javascript console of your browser, your web
interface or your server log files?
Kr,
D.
On 31.07.2014, at 11:39, Joseph DJOMEDA wrote:
> Hello Gurus,
>
> I am experiencing a situation. I have been using graylog for search purpose
> only but I
Hey Ankit,
thanks for spotting this. This should help, yes. 9200 is the HTTP port of
elasticsearch, we are using the binary protocol to connect to the elasticsearch
cluster so port 9300 is correct.
Kr,
D.
On 30.07.2014, at 10:23, Ankit Mittal wrote:
> Hi Ankur,
>
> Please change the
Hey Ankit,
I was irritated by this too. The server log contains several attempts to get it
up and running. If you scroll down to the end you will see that it is able to
bind to tcp/9350, but it fails to join the cluster.
Kr,
D.
On 30.07.2014, at 09:58, Ankit Mittal wrote:
> Hi Ankur,
Hey Ankur,
did you make sure that your the cluster names configured in your elasticsearch
configuration and your graylog2 config file are identical?
Kind regards,
D.
On 30.07.2014, at 09:18, ANKUR GOYAL wrote:
> Hello ,
>
> Still I am stuggling to get run my graylog2 server. Please h
Hey Ankit,
do you want to use Graylog2 to monitor another service, or do you want Graylog2
and elasticsearch to be monitored?
If the first is the case, check the streams + alarm functionality of Graylog2.
If the latter is what you want, this is beyond the scope of Graylog2 and you
should look
Hey Ankur,
0.20.1 is a rather old version, the current stable release of Graylog2 is
0.20.6. Before we continue helping you get up and running I would highly
suggest upgrading to this version. Also I am not sure if it is just a typo or
if you are really using elasticsearch 0.90._1_. The recomme
Hey Robert,
plugins will be supported again in 0.21 which will go into beta at the end of
the month. The plugin API has been redesigned in a lot of aspects and allows
you to write plugins for inputs, outputs, alarm callbacks and message filters.
Kr,
D.
On 23.07.2014, at 11:58, Robert L
Hey Ankit,
thanks for supplying this. Can you also send us the alert mail you were getting
that included the wrong message?
Kr,
D.
On 09.07.2014, at 15:23, Ankit Mittal wrote:
> Hi Dennis,
>
> Both stream have single rule configured and both are different.
>
> type must match exactl
Hey Ankit,
thanks for reporting this. Can you please send us the stream rules of both
streams, your alert conditions and the message that was included in the alert
message? If it's stuff you do not want to post on a public mailing list, you
can send it to my company mail address (den...@torch.s
Hello Fernando,
stream rules work like being AND-concatenated when being matched, this means
that all rules of a stream have to match for a message to be tagged with that
stream. We have finer/more complex matching logic in mind, but not scheduled
for any milestone.
If you are really able to r
Hey,
thanks for reporting this. Could you please take a few stack dumps and send it
to us?
Just calling "jstack " a few times and pipe the output to separate files
is enough for this.
Kr,
Dennis
On 27.06.2014, at 10:02, Florent B wrote:
> Hi,
>
> I have a problem with a Server that
Hey Michael,
I fixed this bug upstream, the fix for this embarrasing bug will be included in
0.20.4 and all future versions. Thanks for reporting this!
Kr,
Dennis
On 20.06.2014, at 18:45, Scipio wrote:
> I'm running Graylog2 0.20.3. When I go to add a stream rule checking for
> fiel
Hey Robert,
thanks for reporting this. Could you please create a github issue
(https://github.com/Graylog2/graylog2-server/issues/new) for this and include
the necessary steps to reproduce the problem?
If you do not have a github account or do not want to create an issue, please
send me a shor
Hey Jens,
you are missing the password field in your user creation API call. I could only
determine this by checking the source code. I will add some validation the
server resource, so a proper error message is returned in future version! :)
Kr,
D.
On 05.06.2014, at 16:58, Jens Kuehnel
Hei Neil,
which version of the server are you using? I guess you are using 0.20.2. This
bug should have been fixed in 0.20.3, so after upgrading it should work.
Kr,
Dennis
On 16.06.2014, at 03:36, Neil Ferreira wrote:
> hi all,
>
> I've setup my first stream, added 4 users to receiv
Hello Chris,
in our current development branch we have implemented modular alarm callbacks.
This means it is possible to define a chain of actions which are being taken
when an alert is generated. One of those predefined pluggable modules is an
HTTP callback which calls a certain URL and theref
Hey Ankit,
this is a bug in 0.20.2. The fix is done already and will be included in 0.20.3
which is supposed to be released very soon.
Kr,
D.
On 03.06.2014, at 10:57, Ankit Mittal wrote:
> Dear All,
>
> I am using Graylog2 v0.20.2 in my production environment, We are not
> receiving
Hey Joe,
could you please outline how you created those inputs? Did you launch those
inputs as global inputs but they are showing up as local ones?
To me it looks like they are all different ones, because they are running on
separate hosts. It might be a bit misleading that it’s possible to hav
Hello Uwe,
thank you very much for your valuable feedback. We are constantly trying to
improve UI efficiency, so your input is very helpful.
Kr,
Dennis
--
TORCH GmbH
Steckelhörn 11
20457 Hamburg
Tel +49 (0)40-60945200
https://www.torch.sh
Commercial Reg. (Registergericht): Amtsgerich
Hello Dennis,
do you have anything in the Logs this time?
Is the server node responding to REST requests?
Can you run jstack and/or jmap next time the server is hung and
upload the results somewhere?
Kind regards,
D.
--
TORCH GmbH
Steckelhörn 11
20457 Hamburg
Tel +49 (0)40-60945200
There is an alternative, please check out the stream dashboards.
You can find them at this address:
https://github.com/Graylog2/graylog2-stream-dashboard
Have fun,
D.
--
TORCH GmbH
Steckelhörn 11
20457 Hamburg
Tel +49 (0)40-60945200
https://www.torch.sh
Commercial Reg. (Registergerich
, dashboards, alerts, …) is stored in mongoDB and
not in elasticsearch.
If you need more information about this issue, please check this URL
http://bouk.co/blog/elasticsearch-rce/ or feel free to send any questions to
the mailing list.
Kind regards,
Dennis Oelkers
--
TORCH GmbH
Steckelhörn 11
graylog2@googlegroups.com
Subject: Re: [graylog2] Mongo no messages?
Thanks! Was just trying to figure out what all needed to be backed up :D
On Monday, March 24, 2014 4:24:40 PM UTC-7, Dennis Oelkers wrote:
Hey Tom!
This is correct. Messages are not stored in MongoDB anymore, they are now
Hey Tom!
This is correct. Messages are not stored in MongoDB anymore, they are now being
kept in elasticsearch.
Kr,
D.
--
TORCH GmbH
Steckelhörn 11
20457 Hamburg
Tel +49 (0)40-60945200
https://www.torch.sh
Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
Geschäftsfü
Hey Robert!
Awesome! Thanks a lot for sharing this!
Kr,
D.
--
TORCH GmbH
Steckelhörn 11
20457 Hamburg
Tel +49 (0)40-60945200
https://www.torch.sh
Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
Geschäftsführer: Hass Chapman, Lennart Koopmann
From: Robert Logan rlo.
Hello Abhay,
thank you very much for reporting this behaviour. I tried to reproduce it but
was unable to do so. Is this error reproducable (every time/sometimes/not)? Can
you give me an overview of the alerting configuration of that stream? Is there
anything in the graylog2-server log?
Kind re
Hello Edmundo,
your valuable feedback is greatly appreciated!
On January 23rd 2014 at 11:38:53, Edmundo Alvarez (e.alvar...@gmail.com) wrote:
Hi Torch team,
I couldn’t try out rc.1, but the jump from preview-8 to rc.1-1 is huge,
great work!
Thanks a lot!
After playing around with this vers
Hey Jean-Luc,
On 17.01.2014, at 11:06, Jean-Luc Bassereau wrote:
> All our Unix Syslog streams enter to graylog with a "low case" server name,
> but, for some (yet) unknown reason our MS machines log come to graylog
> through NXLOG with an uppercase servername.
>
> That shouldn't be a big iss
Hello David,
On 20.12.2013, at 16:12, David wrote:
> Can you confirm that stream notitfications (alarms, alerts ...) are not
> available at the moment?
> And have you planned to release the feature on next version?
right now stream notifications are not implemented in the 0.20 branch, but we
70 matches
Mail list logo