[graylog2] [ANNOUNCE] Splunk output plugin for Graylog
We are pleased to announce that we now officially support Splunk integration with our new Splunk output plug-in. You can find more information and use cases here: https://www.graylog.org/graylog-splunk-integration-is-now-here/ -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] [SECURITY] Severe Elasticsearch security issues. Upgrade now!
Elasticsearch recently released v1.7.0 and v1.6.1, which addresses several severe security issues. We have tested Graylog v1.1.X with Elasticsearch v1.6.1 and strongly recommend upgrading to Elasticsearch v1.6.1.: https://www.graylog.org/elasticsearch-security-fixes-upgrade-now/ -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Re: Elasticsearch + Shield = Graylog can't connect
Hi Pavel, great news... Ciao Alberto On Thursday, July 16, 2015 at 11:13:14 AM UTC+2, Paul Letski wrote: > > Hi Alberto, > > I've reinstalled elasticsearch and now problem solved. > Look like remove Shield doesn't delete it completely. > > On Wed, Jul 15, 2015 at 05:16:35AM -0700, Alberto Frosi wrote: > >Hi Pavel, > >seems elasticsearch is running but can you check status with: > >curl -XGET http://localhost:9200/_cluster/health?pretty > >should be status green, otherwise your graylog server doesn't start. > >Can you post graylog server log also? > >Ciao > >Alberto > >On Tuesday, July 14, 2015 at 2:55:51 PM UTC+2, Paul Letski wrote: > > > >Hello, > >I have fluentd + elasticsearch + graylog setup. > >I've installed Shield plugin for elasticsearch, create admin user > and > >now graylog can't connect. > >I understand, that I must write my credentials somewhere in graylog > >configs. But I don't know where? > >Versions: > >Graylog-server 1.1.4-1 > >Elasticsearch: 1.6.0 > >Here is error message from graylog-server log: > >2015-07-14T13:49:41.977+03:00 ERROR [IndexerSetupService] Could not > >connect to Elasticsearch at http://127.0.0.1:9200/. Is it running? > >Here is elasticsearch status: > ># curl -u che -XGET 'http://localhost:9200/' > >Enter host password for user 'che': > >{ > > "status" : 200, > > "name" : "Unthinnk", > > "cluster_name" : "my_logs", > > "version" : { > >"number" : "1.6.0", > >"build_hash" : "cdd3ac4dde4f69524ec0a14de3828cb95bbb86d0", > >"build_timestamp" : "2015-06-09T13:36:34Z", > >"build_snapshot" : false, > >"lucene_version" : "4.10.4" > > }, > > "tagline" : "You Know, for Search" > >} > >Thank you in advance. > >-- > >Best regards, > >Pavel Letski > > > >-- > >You received this message because you are subscribed to the Google > >Groups "graylog2" group. > >To unsubscribe from this group and stop receiving emails from it, > send > >an email to graylog2+u...@googlegroups.com . > >For more options, visit https://groups.google.com/d/optout. > > > -- > Best regards, > Pavel Letskiy > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Re: Elasticsearch + Shield = Graylog can't connect
Hi Alberto, I've reinstalled elasticsearch and now problem solved. Look like remove Shield doesn't delete it completely. On Wed, Jul 15, 2015 at 05:16:35AM -0700, Alberto Frosi wrote: >Hi Pavel, >seems elasticsearch is running but can you check status with: >curl -XGET http://localhost:9200/_cluster/health?pretty >should be status green, otherwise your graylog server doesn't start. >Can you post graylog server log also? >Ciao >Alberto >On Tuesday, July 14, 2015 at 2:55:51 PM UTC+2, Paul Letski wrote: > >Hello, >I have fluentd + elasticsearch + graylog setup. >I've installed Shield plugin for elasticsearch, create admin user and >now graylog can't connect. >I understand, that I must write my credentials somewhere in graylog >configs. But I don't know where? >Versions: >Graylog-server 1.1.4-1 >Elasticsearch: 1.6.0 >Here is error message from graylog-server log: >2015-07-14T13:49:41.977+03:00 ERROR [IndexerSetupService] Could not >connect to Elasticsearch at http://127.0.0.1:9200/. Is it running? >Here is elasticsearch status: ># curl -u che -XGET 'http://localhost:9200/' >Enter host password for user 'che': >{ > "status" : 200, > "name" : "Unthinnk", > "cluster_name" : "my_logs", > "version" : { >"number" : "1.6.0", >"build_hash" : "cdd3ac4dde4f69524ec0a14de3828cb95bbb86d0", >"build_timestamp" : "2015-06-09T13:36:34Z", >"build_snapshot" : false, >"lucene_version" : "4.10.4" > }, > "tagline" : "You Know, for Search" >} >Thank you in advance. >-- >Best regards, >Pavel Letski > >-- >You received this message because you are subscribed to the Google >Groups "graylog2" group. >To unsubscribe from this group and stop receiving emails from it, send >an email to graylog2+unsubscr...@googlegroups.com. >For more options, visit https://groups.google.com/d/optout. -- Best regards, Pavel Letskiy -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.