[graylog2] Re: [ANN] Graylog2 0.92.0 released
Upgrade went very well, no problems. Has anyone upgraded elasticsearch to version 1.4 (coming from 1.3.4) On Tuesday, December 2, 2014 1:17:30 AM UTC+1, Cayuga wrote: > > All in all, a great release!! We really appreciate all of your hard work. > > I believe that I've found a bug. > > I have non-conforming syslog input on port 513 and it now shows "unknown" > for the source for all incoming messages. > > > On Monday, December 1, 2014 4:58:12 AM UTC-5, Jochen Schalanda wrote: >> >> Hi everyone, >> >> after an extended beta and release candidate phase we just released >> Graylog2 0.92.0. >> >> We'd like to thank everyone in the community who made it possible to >> produce this release by thoroughly testing the beta and release candidate >> versions! >> >> There are lots of new features in Graylog2 0.92.0 like: >> >>- Shareable content packs (i. e. import/export your dashboards, >>streams, inputs, outputs, and extractors) >>- Support for pluggable retention strategies (e. g. the much >>requested time-based retention strategy) >>- Support for Elasticsearch 1.4.x >>- Support for SSL/TLS for the Graylog2 REST API >>- Support for Syslog Octet Counting framing method (used by syslog-ng) >>- A more detailed "Sources" page in the web interface >>- Many stability and performance improvements >> >> Please refer to our release post at >> http://www.graylog2.org/news/post/0010-graylog2-v0-92 for more details >> about Graylog2 0.92.0 and upgrade information (especially if you're still >> running Graylog2 0.90.x or earlier). >> >> As always: If you find any bugs in Graylog2 or miss that one important >> feature, please talk to us by either posting to this mailing list or by >> creating an issue on GitHub at >> https://github.com/Graylog2/graylog2-server/issues. >> >> >> Cheers, >> Jochen (on behalf of the whole team) >> > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Optimal settings for graylog server and radio.
Hi, Currently i have following graylog server settings: output_batch_size = 1000 output_flush_interval = 1 processbuffer_processors = 20 outputbuffer_processors = 10 processor_wait_strategy = blocking ring_size = 2048 And radio settings: processbuffer_processors = 20 processor_wait_strategy = blocking ring_size = 2048 Average message rate is 3000-4000 events per second. Radio and server node input and output buffer utilization is 0.0%. But master caches: *0* IMC / *1018* OMC. (1018 has been like this for several hours and not changing anymore). What are the reasons of increasing output master cache? What setting can be tweaked? p.s. i'm running graylog2-radio-0.93.0-SNAPSHOT-20141202145626 + graylog2-server-0.93.0-SNAPSHOT-20141202145626 + graylog2-web-interface-0.93.0-SNAPSHOT-20141202133029. -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Optimal settings for graylog server and radio.
Try this on elasticsearch: index.refresh_interval: 5s (or a lager interval) This enhances the throughput capability of ES. You can even so try 10 or 15 seconds. This means you haver your results in ES after 5 secs and not one, what is the default. On Wednesday, December 3, 2014 2:24:57 PM UTC+1, Dmitri Stoljarov wrote: > > Hi, > > Currently i have following graylog server settings: > > output_batch_size = 1000 > output_flush_interval = 1 > processbuffer_processors = 20 > outputbuffer_processors = 10 > processor_wait_strategy = blocking > ring_size = 2048 > > > And radio settings: > processbuffer_processors = 20 > processor_wait_strategy = blocking > ring_size = 2048 > > > Average message rate is 3000-4000 events per second. > Radio and server node input and output buffer utilization is 0.0%. > > But master caches: *0* IMC / *1018* OMC. (1018 has been like this for > several hours and not changing anymore). > > What are the reasons of increasing output master cache? > > What setting can be tweaked? > > p.s. i'm running graylog2-radio-0.93.0-SNAPSHOT-20141202145626 + > graylog2-server-0.93.0-SNAPSHOT-20141202145626 + > graylog2-web-interface-0.93.0-SNAPSHOT-20141202133029. > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: [ANN] Graylog2 0.92.0 released
Upgraded from 1.3.4 to 1.4.1. Went smoothly. On Wednesday, December 3, 2014 5:54:06 AM UTC-5, Arie wrote: > > Upgrade went very well, no problems. > > Has anyone upgraded elasticsearch to version 1.4 (coming from 1.3.4) > > > > On Tuesday, December 2, 2014 1:17:30 AM UTC+1, Cayuga wrote: >> >> All in all, a great release!! We really appreciate all of your hard work. >> >> I believe that I've found a bug. >> >> I have non-conforming syslog input on port 513 and it now shows "unknown" >> for the source for all incoming messages. >> >> >> On Monday, December 1, 2014 4:58:12 AM UTC-5, Jochen Schalanda wrote: >>> >>> Hi everyone, >>> >>> after an extended beta and release candidate phase we just released >>> Graylog2 0.92.0. >>> >>> We'd like to thank everyone in the community who made it possible to >>> produce this release by thoroughly testing the beta and release candidate >>> versions! >>> >>> There are lots of new features in Graylog2 0.92.0 like: >>> >>>- Shareable content packs (i. e. import/export your dashboards, >>>streams, inputs, outputs, and extractors) >>>- Support for pluggable retention strategies (e. g. the much >>>requested time-based retention strategy) >>>- Support for Elasticsearch 1.4.x >>>- Support for SSL/TLS for the Graylog2 REST API >>>- Support for Syslog Octet Counting framing method (used by >>>syslog-ng) >>>- A more detailed "Sources" page in the web interface >>>- Many stability and performance improvements >>> >>> Please refer to our release post at >>> http://www.graylog2.org/news/post/0010-graylog2-v0-92 for more details >>> about Graylog2 0.92.0 and upgrade information (especially if you're still >>> running Graylog2 0.90.x or earlier). >>> >>> As always: If you find any bugs in Graylog2 or miss that one important >>> feature, please talk to us by either posting to this mailing list or by >>> creating an issue on GitHub at >>> https://github.com/Graylog2/graylog2-server/issues. >>> >>> >>> Cheers, >>> Jochen (on behalf of the whole team) >>> >> -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: [ANN] Graylog2 0.92.0 released
How long until I can "yum update"? On Monday, December 1, 2014 1:58:12 AM UTC-8, Jochen Schalanda wrote: > > Hi everyone, > > after an extended beta and release candidate phase we just released > Graylog2 0.92.0. > > > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: [ANN] Graylog2 0.92.0 released
You'll need to remove the old repository and add the new one (old repository references 91). At least that's what I had to do. yum remove graylog2-0.91-repository-el6-1.1.0-1.noarch Then you can add the new one: rpm -Uvh https://packages.graylog2.org/repo/packages/graylog2-0.92-repository-el6_latest.rpm Finally, yum update graylog2-server On Wednesday, December 3, 2014 9:07:13 PM UTC-5, Mark Moorcroft wrote: > > > How long until I can "yum update"? > > On Monday, December 1, 2014 1:58:12 AM UTC-8, Jochen Schalanda wrote: >> >> Hi everyone, >> >> after an extended beta and release candidate phase we just released >> Graylog2 0.92.0. >> >> >> -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: [ANN] Graylog2 0.92.0 released
I edited the repo file and changed 0.91 to 0.92 On Wednesday, December 3, 2014 6:13:15 PM UTC-8, Zi Dvbelju wrote: > > You'll need to remove the old repository and add the new one (old > repository references 91). At least that's what I had to do. > > yum remove graylog2-0.91-repository-el6-1.1.0-1.noarch > > Then you can add the new one: > rpm -Uvh > https://packages.graylog2.org/repo/packages/graylog2-0.92-repository-el6_latest.rpm > > Finally, yum update graylog2-server > > > > On Wednesday, December 3, 2014 9:07:13 PM UTC-5, Mark Moorcroft wrote: >> >> >> How long until I can "yum update"? >> >> On Monday, December 1, 2014 1:58:12 AM UTC-8, Jochen Schalanda wrote: >>> >>> Hi everyone, >>> >>> after an extended beta and release candidate phase we just released >>> Graylog2 0.92.0. >>> >>> >>> -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] GELF Output option v0.92.0
Hi Folks, I have two GL2 servers running to test the message steam forwarding (GELF Output) : - GELF Out (TCP/12201) (v0.92.0) -> GELF In (TCP/12201) (v0.91.3) The GELF output function works and I see messages in Elasticseach (when calling the search API). When using the UI for GL2 v0.91.3, no messages are shown. Searching messages from the GELF TCP Input, show nothings. Any ideas why this would be ? Cheers, Marty -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
