[graylog2] Re: Whats Better for Graylog Udp or Tcp

2016-11-14 Thread 'Schwään' via Graylog Users 
I use graylog to log all our Hardware Components.

Firewalls, Switch, Server, Router 

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/ad0863f7-7c58-40ce-96b2-439354bc3d62%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Whats Better for Graylog Udp or Tcp

2016-11-14 Thread 'Schwään' via Graylog Users 
Hello,

whats better to use for graylog.
UDP or TCP.

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/6272e4c9-a1f8-45f9-b338-9f4ad429a171%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] How can i log the Local Graylog server

2016-11-14 Thread 'Schwään' via Graylog Users 
Hello,

how can i log the Local Machine in Graylog?

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/e91d043e-54ea-4745-bcdb-5a8313030638%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] monogodb failed status 100

2016-11-11 Thread 'Schwään' via Graylog Users 
after restart my server mongo db wont start and the graylog website wont 
start

● mongodb.service - An object/document-oriented database
>Loaded: loaded (/lib/systemd/system/mongodb.service; enabled)
>Active: failed (Result: exit-code) since Fri 2016-11-11 14:27:39 CET; 
> 2min 57s ago
>  Docs: man:mongod(1)
>  Main PID: 402 (code=exited, status=100)


-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/d7cc15a0-d8b9-4462-8e3e-50c59f7f3400%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Can i delete elasticsearch notes?

2016-11-10 Thread 'Schwään' via Graylog Users 
i change action.destructive_requires_name to true and
use 

curl -XDELETE http://localhost:9200/graylog/


and 

curl -XDELETE 'http://localhost:9000/graylog/



But it schows 
curl: (7) Failed to connect to localhost port 9200: Connection refused

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/ffde6e68-2b0e-41d2-98a3-b7ef297095f6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: After Restart elasticsearch cluster is red

2016-11-10 Thread 'Schwään' via Graylog Users 
Where can i change these Settings ??
This is my elasticsearch.yml

#  Elasticsearch Configuration 
>> =
>
> #
>
> # NOTE: Elasticsearch comes with reasonable defaults for most settings.
>
> #   Before you set out to tweak and tune the configuration, make sure 
>> you
>
> #   understand what are you trying to accomplish and the consequences.
>
> #
>
> # The primary way of configuring a node is via this file. This template 
>> lists
>
> # the most important settings you may want to configure for a production 
>> cluster.
>
> #
>
> # Please see the documentation for further information on configuration 
>> options:
>
> # 
>> 
>
> #
>
> # -- Cluster 
>> ---
>
> #
>
> # Use a descriptive name for your cluster:
>
> #
>
>  cluster.name: graylog
>
> #
>
> #  Node 
>> 
>
> #
>
> # Use a descriptive name for the node:
>
> #
>
> # node.name: node-1
>
> #
>
> # Add custom attributes to the node:
>
> #
>
> # node.rack: r1
>
> #
>
> # --- Paths 
>> 
>
> #
>
> # Path to directory where to store the data (separate multiple locations 
>> by comma):
>
> #
>
> # path.data: /path/to/data
>
> #
>
> # Path to log files:
>
> #
>
> # path.logs: /path/to/logs
>
> #
>
> # --- Memory 
>> ---
>
> #
>
> # Lock the memory on startup:
>
> #
>
> # bootstrap.memory_lock: true
>
> #
>
> # Make sure that the `ES_HEAP_SIZE` environment variable is set to about 
>> half the memory
>
> # available on the system and that the owner of the process is allowed to 
>> use this limit.
>
> #
>
> # Elasticsearch performs poorly when the system is swapping the memory.
>
> #
>
> # -- Network 
>> ---
>
> #
>
> # Set the bind address to a specific IP (IPv4 or IPv6):
>
> #
>
> # network.host: 10.250.20.60
>
> #
>
> # Set a custom port for HTTP:
>
> #
>
> # http.port: 9200
>
> #
>
> # For more information, see the documentation at:
>
> # 
>> 
>
> #
>
> # - Discovery 
>> --
>
> #
>
> # Pass an initial list of hosts to perform discovery when new node is 
>> started:
>
> # The default list of hosts is ["127.0.0.1", "[::1]"]
>
> #
>
> # discovery.zen.ping.unicast.hosts: ["host1", "host2"]
>
> #
>
> # Prevent the "split brain" by configuring the majority of nodes (total 
>> number of nodes / 2 + 1):
>
> #
>
> # discovery.zen.minimum_master_nodes: 3
>
> #
>
> # For more information, see the documentation at:
>
> # 
>> 
>
> #
>
> # -- Gateway 
>> ---
>
> #
>
> # Block initial recovery after a full cluster restart until N nodes are 
>> started:
>
> #
>
> # gateway.recover_after_nodes: 3
>
> #
>
> # For more information, see the documentation at:
>
> # 
>> 
>
> #
>
> # -- Various 
>> ---
>
> #
>
> # Disable starting multiple nodes on a single system:
>
> #
>
> # node.max_local_storage_nodes: 1
>
> #
>
> # Require explicit names when deleting indices:
>
> #
>
> # action.destructive_requires_name: true
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/21d02e09-a7e3-4fae-b350-4496aabb645d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Can i delete elasticsearch notes?

2016-11-10 Thread 'Schwään' via Graylog Users 
curl: (7) Failed to connect to localhost port 9000: Connection refused



Am Donnerstag, 10. November 2016 13:05:30 UTC+1 schrieb Schwään:
>
> Is it ok to delete something from the /var/lib/elasticsearch/graylog# 
> folder? 
>
> the divice is full and i need to clean up some Space.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/cc6f46ce-3567-402e-a31d-6498b57b520d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Can i delete elasticsearch notes?

2016-11-10 Thread 'Schwään' via Graylog Users 
Is it ok to delete something from the /var/lib/elasticsearch/graylog# 
folder? 

the divice is full and i need to clean up some Space.

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/a4cab27c-9263-4b6d-9984-327a9e3ad6c8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: After Restart elasticsearch cluster is red

2016-11-10 Thread 'Schwään' via Graylog Users 
Graylog web
in search page  show this 

Error Message:Unable to execute searchException:
org.elasticsearch.action.search.SearchPhaseExecutionException

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/1e3d9b4c-2355-419b-9950-accac78dbcfb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: After Restart elasticsearch cluster is red

2016-11-10 Thread 'Schwään' via Graylog Users 
This is the Only warnings from /var/log/elasticsearch/gralog.log

[2016-11-10 10:21:41,532][WARN ][cluster.routing.allocation.decider] 
[Johnny Blaze] high disk watermark [90%] exceeded on 
[FDvAD2p5QUKQCgaq-xQ-oA][Johnny 
Blaze][/var/lib/elasticsearch/graylog/nodes/0] free: 0b[0%], shards will be 
reloca$
[2016-11-10 10:21:41,733][INFO ][cluster.routing.allocation.decider] 
[Johnny Blaze] rerouting shards: [high disk watermark exceeded on one or 
more nodes]

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/18c521e8-d5ff-4a89-be4e-452419820ecd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: After Restart elasticsearch cluster is red

2016-11-10 Thread 'Schwään' via Graylog Users 
now i restart elasticsearch and the massage change

  Elasticsearch cluster is red. Shards: 0 active, 0 initializing, 0
 relocating, 1 unassigned

Am Donnerstag, 10. November 2016 11:46:06 UTC+1 schrieb Schwään:
>
>
>
> The Elasticsearch cluster state is RED which means shards are unassigned. 
> This usually indicates a crashed and corrupt cluster and needs to be 
> investigated. Graylog will write into the local disk journal. Read how to 
> fix this in
>
> What can i do
>
> Elasticsearch cluster is red. Shards: 0 active, 1 initializing, 0
>  relocating, 0 unassigned, 
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/c354546e-1c0b-4329-94dc-3f25abc40040%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] After Restart elasticsearch cluster is red

2016-11-10 Thread 'Schwään' via Graylog Users 


The Elasticsearch cluster state is RED which means shards are unassigned. 
This usually indicates a crashed and corrupt cluster and needs to be 
investigated. Graylog will write into the local disk journal. Read how to 
fix this in

What can i do

Elasticsearch cluster is red. Shards: 0 active, 1 initializing, 0
 relocating, 0 unassigned, 


-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/477c420f-2e0a-4ac4-a6d1-d58c0a44c115%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Graylog Time is Wrong

2016-11-03 Thread 'Schwään' via Graylog Users 
Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/143688d6-cd1b-4ffe-872e-b096a313b833%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Graylog Time is Wrong

2016-11-03 Thread 'Schwään' via Graylog Users 
User *admin*:2016-11-03 12:11:25 +00:00Your web browser:2016-11-03 13:11:25 
+01:00Graylog server:2016-11-03 13:11:25 +01:00
Hello my logs come with false date because user admi is 1 hour wrong what 
can i do?

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/1a004c9a-ba30-4c1b-9173-79c84e8db097%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Server Logging dont work

2016-11-02 Thread 'Schwään' via Graylog Users 
how do i set thios ip to graylog node

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/4a5d3e78-2981-4961-bf5c-ae9a804067eb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Server Logging dont work

2016-11-02 Thread 'Schwään' via Graylog Users 
no it dont show this ip with ip addr show.

the mediwaiki server is 10.250.40.60 and graylog is 10.250.20.60.

i woult like to log all hardware components from our network and this was 
my test server 

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/0b4e6f67-1033-4f72-9bb4-49ba12bb9592%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Server Logging dont work

2016-11-02 Thread 'Schwään' via Graylog Users 
my  graylog server is 10.250.20.60

and i try to logg this syslog udp





i can ping the graylog server from this server and i can ping this server 
from graylog server

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/8be2eaec-9b5b-41d6-aa02-b389948fe23f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Server Logging dont work

2016-11-02 Thread 'Schwään' via Graylog Users 
i have graylog that can log the graylog server with udp.

I try to log another linux server but graylog sad failed

> Input 57f466a72e9b390db4c61dc2 has failed to start on node 
> 524325f6-f48b-48ee-9ff2-0c08691223b2 for this reason: »Cannot assign 
> requested address.«. This means that you are unable to receive any 
> messages from this input. This is mostly an indication for a 
> misconfiguration or an error. You can click here 
>  to solve this.


 

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/cc552699-7a98-4be4-9b0a-6fb13cd61d01%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Elasticsearch cluster unavailable (I dont have a CLuster)

2016-10-25 Thread 'Schwään' via Graylog Users 
i trie it but it shows the massage again

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/503e858f-8c2f-4ee0-91b0-56e0cc6e4946%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Elasticsearch cluster unavailable (I dont have a CLuster)

2016-10-25 Thread 'Schwään' via Graylog Users 
but i dont use a cluster 

Am Dienstag, 25. Oktober 2016 10:06:55 UTC+2 schrieb Schwään:
>
> Hello,
>
> when i Start the Webconfig of Graylog it says 
> Elasticsearch cluster unavailable
>
> but i dont have a cluster and don´t have configured a cluster.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/845bc78c-b4c5-4b31-a28f-0495c04233e3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Elasticsearch cluster unavailable (I dont have a CLuster)

2016-10-25 Thread 'Schwään' via Graylog Users 
Und ich habe gerade gemerkt das wir das eventuell auch auf Deutsch klären 
könnten da mein Englisch nicht so gut ist

Am Dienstag, 25. Oktober 2016 10:06:55 UTC+2 schrieb Schwään:
>
> Hello,
>
> when i Start the Webconfig of Graylog it says 
> Elasticsearch cluster unavailable
>
> but i dont have a cluster and don´t have configured a cluster.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/9e4c603b-907d-4331-9c34-2679a80a5715%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Elasticsearch cluster unavailable (I dont have a CLuster)

2016-10-25 Thread 'Schwään' via Graylog Users 
Elasticsearch Config

#  Elasticsearch Configuration 
>> =
>
> #
>
> # NOTE: Elasticsearch comes with reasonable defaults for most settings.
>
> #   Before you set out to tweak and tune the configuration, make sure 
>> you
>
> #   understand what are you trying to accomplish and the consequences.
>
> #
>
> # The primary way of configuring a node is via this file. This template 
>> lists
>
> # the most important settings you may want to configure for a production 
>> cluster.
>
> #
>
> # Please see the documentation for further information on configuration 
>> options:
>
> # 
>> 
>
> #
>
> # -- Cluster 
>> ---
>
> #
>
> # Use a descriptive name for your cluster:
>
> #
>
> # cluster.name: my-application
>
> #
>
> #  Node 
>> 
>
> #
>
> # Use a descriptive name for the node:
>
> #
>
> # node.name: node-1
>
> #
>
> # Add custom attributes to the node:
>
> #
>
> # node.rack: r1
>
> #
>
> # --- Paths 
>> 
>
> #
>
> # Path to directory where to store the data (separate multiple locations 
>> by comma):
>
> #
>
> # path.data: /path/to/data
>
> #
>
> # Path to log files:
>
> #
>
> # path.logs: /path/to/logs
>
> #
>
> # --- Memory 
>> ---
>
> #
>
> # Lock the memory on startup:
>
> #
>
> # bootstrap.memory_lock: true
>
> #
>
> # Make sure that the `ES_HEAP_SIZE` environment variable is set to about 
>> half the memory
>
> # available on the system and that the owner of the process is allowed to 
>> use this limit.
>
> #
>
> # Elasticsearch performs poorly when the system is swapping the memory.
>
> #
>
> # -- Network 
>> ---
>
> #
>
> # Set the bind address to a specific IP (IPv4 or IPv6):
>
> #
>
> # network.host: 10.250.20.60
>
> #
>
> # Set a custom port for HTTP:
>
> #
>
> # http.port: 9200
>
> #
>
> # For more information, see the documentation at:
>
> # 
>> 
>
> #
>
> # - Discovery 
>> --
>
> #
>
> # Pass an initial list of hosts to perform discovery when new node is 
>> started:
>
> # The default list of hosts is ["127.0.0.1", "[::1]"]
>
> #
>
> # discovery.zen.ping.unicast.hosts: ["host1", "host2"]
>
> #
>
> # Prevent the "split brain" by configuring the majority of nodes (total 
>> number of nodes / 2 + 1):
>
> #
>
> # discovery.zen.minimum_master_nodes: 3
>
> #
>
> # For more information, see the documentation at:
>
> # 
>> 
>
> #
>
> # -- Gateway 
>> ---
>
> #
>
> # Block initial recovery after a full cluster restart until N nodes are 
>> started:
>
> #
>
> # gateway.recover_after_nodes: 3
>
> #
>
> # For more information, see the documentation at:
>
> # 
>> 
>
> #
>
> # -- Various 
>> ---
>
> #
>
> # Disable starting multiple nodes on a single system:
>
> #
>
> # node.max_local_storage_nodes: 1
>
> #
>
> # Require explicit names when deleting indices:
>
> #
>
> # action.destructive_requires_name: true
>
>
>
Am Dienstag, 25. Oktober 2016 10:06:55 UTC+2 schrieb Schwään:
>
> Hello,
>
> when i Start the Webconfig of Graylog it says 
> Elasticsearch cluster unavailable
>
> but i dont have a cluster and don´t have configured a cluster.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/cce4b016-4313-4d48-bacf-e15e14a514b9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Could not Load field indormation

2016-10-25 Thread 'Schwään' via Graylog Users 
I Try to use my Server in Graylog but it shows

*Could not load field information*
*Loading field information failed with status: cannot GET 
http://10.250.20.60:9000/api/system/fields (500*

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/ced16c80-17c8-4ef5-884a-398e14e87853%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Elasticsearch cluster unavailable (I dont have a CLuster)

2016-10-25 Thread 'Schwään' via Graylog Users 
this is my graylog log i dont know what to do

2016-09-27T04:44:10.604+02:00 ERROR [AnyExceptionClassMapper] Unhandled 
exception in REST resource
org.elasticsearch.discovery.MasterNotDiscoveredException
at 
org.elasticsearch.action.support.master.TransportMasterNodeAction$AsyncSingleAction$5.onTimeout(TransportMasterNodeAction.java:226)
 
~[graylog.jar:?]
at 
org.elasticsearch.cluster.ClusterStateObserver$ObserverClusterStateListener.onTimeout(ClusterStateObserver.java:236)
 
~[graylog.jar:?]
at 
org.elasticsearch.cluster.service.InternalClusterService$NotifyTimeout.run(InternalClusterService.java:804)
 
~[graylog.jar:?]
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
[?:1.8.0_102]
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
[?:1.8.0_102]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_102]
2016-09-27T04:44:10.607+02:00 ERROR [AnyExceptionClassMapper] Unhandled 
exception in REST resource
org.elasticsearch.discovery.MasterNotDiscoveredException
at 
org.elasticsearch.action.support.master.TransportMasterNodeAction$AsyncSingleAction$5.onTimeout(TransportMasterNodeAction.java:226)
 
~[graylog.jar:?]
at 
org.elasticsearch.cluster.ClusterStateObserver$ObserverClusterStateListener.onTimeout(ClusterStateObserver.java:236)
 
~[graylog.jar:?]
at 
org.elasticsearch.cluster.service.InternalClusterService$NotifyTimeout.run(InternalClusterService.java:804)
 
~[graylog.jar:?]
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
[?:1.8.0_102]
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
[?:1.8.0_102]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_102]
2016-09-27T04:44:28.030+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:44:30.607+02:00 ERROR [AnyExceptionClassMapper] Unhandled 
exception in REST resource
org.elasticsearch.discovery.MasterNotDiscoveredException
at 
org.elasticsearch.action.support.master.TransportMasterNodeAction$AsyncSingleAction$5.onTimeout(TransportMasterNodeAction.java:226)
 
~[graylog.jar:?]
at 
org.elasticsearch.cluster.ClusterStateObserver$ObserverClusterStateListener.onTimeout(ClusterStateObserver.java:236)
 
~[graylog.jar:?]
at 
org.elasticsearch.cluster.service.InternalClusterService$NotifyTimeout.run(InternalClusterService.java:804)
 
~[graylog.jar:?]
at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
[?:1.8.0_102]
at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
[?:1.8.0_102]
at java.lang.Thread.run(Thread.java:745) [?:1.8.0_102]
2016-09-27T04:44:58.032+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:45:28.035+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:45:58.044+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:46:28.047+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:46:58.049+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:47:28.052+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:47:58.055+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:48:27.716+02:00 INFO  [IndexRetentionThread] Elasticsearch 
cluster not available, skipping index retention checks.
2016-09-27T04:48:28.057+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:48:42.767+02:00 INFO  [IndexRangesCleanupPeriodical] Skipping 
index range cleanup because the Elasticsearch cluster is unreachable or 
unhealthy
2016-09-27T04:48:58.060+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:49:28.062+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:49:58.064+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:50:28.067+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:50:58.069+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic cluster check.
2016-09-27T04:51:28.072+02:00 INFO  [IndexerClusterCheckerThread] Indexer 
not fully initialized yet. Skipping periodic

[graylog2] Elasticsearch cluster unavailable (I dont have a CLuster)

2016-10-25 Thread 'Schwään' via Graylog Users 
Hello,

when i Start the Webconfig of Graylog it says 
Elasticsearch cluster unavailable

but i dont have a cluster and don´t have configured a cluster.


-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/150f66e7-7fab-47a2-8e5c-d60f4c4dc877%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Elasticsearch wont Start

2016-10-21 Thread 'Schwään' via Graylog Users 
Wrong copy my
web_listen_uri = http://10.250.20.60:9000/

Elasticsearch dont make log at my server :/var/log/elasticsearch is empty.
at logging.yml i give path /var/log/elasticsearch as test but it dont works

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/a4acc827-1c38-4869-88a1-57039dda1360%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Elasticsearch wont Start

2016-10-21 Thread 'Schwään' via Graylog Users 


Graylog: 2.1.1
Elasticsearch: 2.4.1

:/var/log/elasticsearch# systemctl status elasticsearch.service
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled)
Active: failed (Result: exit-code) since Mon 2016-10-03 07:25:31 CEST; 5min 
ago
Docs: http://www.elastic.co
Main PID: 1257 (code=exited, status=1/FAILURE)

Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.common.settings.loader.XContentSettingsLoader.load(XContentSettingsLoader.java:67)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.common.settings.loader.XContentSettingsLoader.load(XContentSettingsLoader.java:45)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.common.settings.loader.YamlSettingsLoader.load(YamlSettingsLoader.java:46)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.common.settings.Settings$Builder.loadFromStream(Settings.java:1080)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.common.settings.Settings$Builder.loadFromPath(Settings.java:1067)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.node.internal.InternalSettingsPreparer.prepareEnvironment(InternalSettingsPreparer.java:88)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.bootstrap.Bootstrap.initialSettings(Bootstrap.java:218)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:257)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: at 
org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Oct 03 07:25:31 S250A030 elasticsearch[1257]: Refer to the log for complete 
error details.

I Don´t Know why it not Start.

tailf /var/log/graylog-server/server.log

[discovery] [graylog-8fb3738a-4550-4bb8-9867-5faf2f5096d1] waited for 3s 
and no initial state was set by the discovery
2016-10-03T07:27:02.870+02:00 INFO [node] 
[graylog-8fb3738a-4550-4bb8-9867-5faf2f5096d1] started
2016-10-03T07:27:07.880+02:00 WARN [IndexerSetupService] Could not connect 
to Elasticsearch
2016-10-03T07:27:07.880+02:00 INFO [IndexerSetupService] If you're using 
multicast, check that it is working in your network and that Elasticsearch 
is accessible. Also check that the cluster name setting is correct.
2016-10-03T07:27:07.881+02:00 INFO [IndexerSetupService] See
http://docs.graylog.org/en/2.1/pages/configuration/elasticsearch.html for 
details.
2016-10-03T07:27:14.316+02:00 INFO [IndexRangesCleanupPeriodical] Skipping 
index range cleanup because the Elasticsearch cluster is unreachable or 
unhealthy

server.conf excerpt:

rest_listen_uri = http://10.250.20.60:12900/
web_listen_uri = http:/10.250.20.60:9000/
elasticsearch_cluster_name = graylog
elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9300
elasticsearch_discovery_zen_ping_multicast_enabled = false

elasticsearch.yml excerpt:

cluster.name: graylog
node.master: true
node.data: true
bootstrap.mlockall: true
network.host: 127.0.0.1
discovery.zen.ping.multicast.enabled: false
discover.zen.ping.unicast.hosts: ["127.0.0.1"]

Elasticsearch and Graylog are on the Same Server




/var/log/elasticsearch# ls
root@S250A030:/var/log/elasticsearch#

There are no Files :(

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/35f5d8fd-540c-4a57-b92f-071500a8950a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.