[graylog2] Elasticsearch index message not found?
So we've set up a graylog server to test a few things and maybe use it for our company later. We want to send our own messages trough the Elasticsearch API using a curl XPUT command. If we use a XGET command, then it finds our log message. If we look at the indices page in the graylog interface we can see that it has stored our messages, but if we go and search them trough the interface it shows up empty. We also tried to establish a UDP input to test if graylog even finds something. If we send messages trough UDP, then graylog finds those messages. But still doesn't find the ones we put in to elasticsearch directly, while the index page still says that all those messages are there(both UDP and XPUT). Does anyone know how we can get all messages to show up in the search? thank you! -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/ca24cd6e-85a0-4ee0-be19-37922976ce3a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Email password encryption
Hi, unfortunately encrypting the SMTP credentials in the Graylog configuration file is currently not supported. Cheers, Jochen On Thursday, 21 January 2016 11:23:51 UTC+1, kalam...@finocap.com wrote: > > Hi > > When I use "graylog-ctl set-email-config" and reconfig, seems like the > password is not encrypted. > Is there a way to encrypt the password in email transport of the conf file? > > Thanks! > > KL > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2cf134d2-b2a3-4fa1-b772-49c1a1b7170a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Elasticsearch index message not found?
Hi Joshua, Graylog is expecting the message indexed into Elasticsearch to be in a very specific format. I'd suggest that you send those messages to Graylog (e. g. as GELF messages) instead of using the "side channel" of indexing those into Elasticsearch directly. Additionally, some Graylog features like streams won't work if you don't index those messages via Graylog. Cheers, Jochen On Thursday, 21 January 2016 14:29:42 UTC+1, Joshua Stelten wrote: > > So we've set up a graylog server to test a few things and maybe use it for > our company later. > We want to send our own messages trough the Elasticsearch API using a curl > XPUT command. > If we use a XGET command, then it finds our log message. > If we look at the indices page in the graylog interface we can see that it > has stored our messages, but if we go and search them trough the interface > it shows up empty. > We also tried to establish a UDP input to test if graylog even finds > something. > If we send messages trough UDP, then graylog finds those messages. > But still doesn't find the ones we put in to elasticsearch directly, while > the index page still says that all those messages are there(both UDP and > XPUT). > > Does anyone know how we can get all messages to show up in the search? > > thank you! > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/de67b1db-ee52-4cbc-9faf-936dc3f6189c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Getting Error Message while starting ElasticSearch!
Dear All, I am using Elasticsearch -1.7.2. While starting Elasticsearch, I am getting following error: {1.7.2}: Startup Failed ... - BindTransportException[Failed to bind to [9300-9400]] ChannelException[Failed to bind to: /192.178.178.228:9400] BindException[Cannot assign requested address] Please guide me for this. Thanks in Advance! :) -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2e415f38-235f-40ae-b703-590234ea9f9e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Email password encryption
Hi When I use "graylog-ctl set-email-config" and reconfig, seems like the password is not encrypted. Is there a way to encrypt the password in email transport of the conf file? Thanks! KL -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/9ad7af50-fa37-4c92-a2d5-3c6ae91e65d6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Deploy web interface
Hi, the steps to build a distributable tar-ball from the web interface sources are listed in the build_release.sh script in the very same repository. See https://github.com/Graylog2/graylog2-web-interface/blob/1.3.3/build_release.sh#L51-L57 You can then simply copy the tar-ball to your target system (see http://docs.graylog.org/en/1.3/pages/installation/manual_setup.html#graylog-web-interface-on-linux ). Cheers, Jochen On Thursday, 21 January 2016 07:04:28 UTC+1, thuon...@gmail.com wrote: > > Hi, > > I have cloned source code web interface 1.3 from > https://github.com/Graylog2/graylog2-web-interface/tree/1.3 > > I customize web interface on my personal computer,I install > activator,node,npm and run it successfully > and Now if I want to deploy my own web interface on another server,I must > copy all source code to that server and install activator,npm and run > again.Is this right? > Please explain me about this? > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/1e899550-f9f8-4152-8da7-2de7754e7df5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Whts the best way or Tool for monitoring apache logs by using Graylog
Hi experts, newb here, imported ubuntu ova and trying to monitor some apache logs from test server. I have default file logging location for apache. I cant make any changes on apache settings for this requirement. Can any one suggest best way or tool for forwarding this file to graylog setup..? Please suggest. Apache server OS version : Rhel 6.5 Please do let us know if you required any further info. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/22325d6c-75c8-4031-9d89-6d372cbe31e8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Re: Forwarding logs from SpluUniversal forwarder to Graylog, logs are missing please help
Hej Chandrahasa, this is like finding - blind - the needle in the haystack. Did you check your Graylog Logfiles? Did you see any Errors? Does all the messages arrive at the Graylog Server (maybe tcpdump will help you here) ? Are the time/date on all Systems in Sync? Maybe you should think about getting payed support if you are not able to identify your problem. regards Jan -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAGm-bLb80%2BaRFwndG7Eyztoq_mFoKxwDYEwzhXidKz_JXdwAPA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] reassembled log
Hej Brendan, could you please explain what you mean with "turn back". Did you like to get specific Logs out of Graylog into a Logfile - means export Logs? regards Jan -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAGm-bLaiEAEHZoDfyURHEZpd5q5rxm_QOj%2BieBChKOLsew-i6w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] reassembled log
Hello everybody, I mounted a graylog server, and wanted to know if I could turn back the logs from an Exchange mail server or SMTP logs and also if I could turn back the logs of a web (HTTP) server. If so, how ? because I already back logs of my W7 and 2012 server with Nxlog. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/5e3711f3-e7b8-490d-8d47-16b81b2295d3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Whts the best way or Tool for monitoring apache logs by using Graylog
Hi Ranjith, you can use the typical log file collectors like nxlog ( https://nxlog.co/products/nxlog-community-edition), logstash ( https://www.elastic.co/products/logstash), Graylog Collector ( http://docs.graylog.org/en/1.3/pages/collector.html), or even good old rsyslog with the imfile input (http://www.rsyslog.com/) to send your Apache httpd access and error logs to Graylog. All of the mentioned applications support either Graylog's native GELF protocol or the syslog protocol. If you are brave enough (and can modify the Apache httpd configuration), you can give the Apache httpd module mod_log_gelf ( https://github.com/Graylog2/apache-mod_log_gelf) a try. Cheers, Jochen On Thursday, 21 January 2016 15:37:10 UTC+1, Ranjith Vadakkeel wrote: > > Hi experts, > > newb here, imported ubuntu ova and trying to monitor some apache logs from > test server. I have default file logging location for apache. I cant make > any changes on apache settings for this requirement. Can any one suggest > best way or tool for forwarding this file to graylog setup..? Please > suggest. > > Apache server OS version : Rhel 6.5 > > Please do let us know if you required any further info. > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/beaa0a17-1b05-4a98-a314-13a12572d069%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] reassembled log
Like an input Le jeudi 21 janvier 2016 16:59:08 UTC+1, Jan Doberstein a écrit : > > Hej Brendan, > > could you please explain what you mean with "turn back". > > Did you like to get specific Logs out of Graylog into a Logfile - means > export Logs? > > regards > Jan > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/8b33b575-9e99-4bd9-b058-49150a0452ec%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Re: Deploy web interface
Hi, Thanks for replying.I have build and run it successfully. Thanks -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/f4759a2f-32a4-440c-8b29-46720ee2d9d1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.