RE: [graylog2] grok pattern not working

2015-10-22 Thread Osztrovszky Zsolt 
Thanks, now it’s working.

Cheers,
Zsolt

From: graylog2@googlegroups.com [mailto:graylog2@googlegroups.com] On Behalf Of 
Jochen Schalanda
Sent: Wednesday, October 21, 2015 3:49 PM
To: Graylog Users 
Subject: Re: [graylog2] grok pattern not working

Hi Zsolt,

that's no valid grok pattern on your screenshot.

You can for example import the standard grok patterns from Logstash 
(https://raw.githubusercontent.com/logstash-plugins/logstash-patterns-core/master/patterns/grok-patterns)
 into Graylog.

Cheers,
Jochen

On Wednesday, 21 October 2015 14:25:38 UTC+2, Zsolt Osztrovszky wrote:

Hi,

I did it, it is on the second picture.

I’ve attached the picture.



Cheers,

Zsolt
--
You received this message because you are subscribed to a topic in the Google 
Groups "Graylog Users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/graylog2/KBn38OfLyUc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/67353b7e-271c-43ce-87f4-f5b8ebf42b44%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


FIGYELMEZTETÉS:
"Ez az e-mail bizalmas információkat tartalmaz kizárólag a címzett(ek) számára. 
Amennyiben Ön nem címzettje ennek az e-mail-nek, felhívjuk figyelmét arra, hogy 
az e-mail tartalmának közzététele, másolása, illetéktelenek számára való 
továbbítása, megőrzése vagy bármilyen hasonló tevékenység tilos és törvénybe 
ütköző."

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/20813E38516D75429744E7A4B8B656FF02549D446F6B%40PETZCMSVS01.intra.ahrt.hu.
For more options, visit https://groups.google.com/d/optout.

RE: [graylog2] grok pattern not working

2015-10-21 Thread Osztrovszky Zsolt 
Hi,

I did it, it is on the second picture.

I’ve attached the picture.



Cheers,

Zsolt



-Original Message-
From: graylog2@googlegroups.com [mailto:graylog2@googlegroups.com] On Behalf Of 
Edmundo Alvarez
Sent: Wednesday, October 21, 2015 2:23 PM
To: graylog2@googlegroups.com
Subject: Re: [graylog2] grok pattern not working



Hi Zsolt,



That is only one part of it, you first need to create Grok patterns in System 
-> Grok patterns. You can create them by hand or import a file including the 
most common ones.



Regards,



Edmundo



> On 21 Oct 2015, at 12:57, Osztrovszky Zsolt 
> <osztrovszk...@ahrt.hu<mailto:osztrovszk...@ahrt.hu>> wrote:

>

> Yes.

> Like this:

> 

> 

>

> Cheers,

> Zsolt

>

> From: graylog2@googlegroups.com<mailto:graylog2@googlegroups.com> 
> [mailto:graylog2@googlegroups.com] On Behalf Of Jochen Schalanda

> Sent: Tuesday, October 20, 2015 4:03 PM

> To: Graylog Users 
> <graylog2@googlegroups.com<mailto:graylog2@googlegroups.com>>

> Subject: [graylog2] Re: grok pattern not working

>

> Hi Zsolt,

>

> did you add the required Grok patterns to your Graylog system?

>

>

> Cheers,

> Jochen

>

> On Tuesday, 20 October 2015 12:56:17 UTC+2, Zsolt Osztrovszky wrote:

> Hello Guys!

> I'd like to setup an extractor with Grok pattern.

> This is my sample message and pattern:

> 10.10.1.1 - - [13/Oct/2015:17:19:54 +0200] "GET //ed98/561/this.m3u8 
> HTTP/1.1" 200 388 "http://10.1.1.1/hls.php?o==2kV=BASE64; 
> "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, 
> like Gecko) Version/9.0 Safari/601.1.56" 3878 6090 ed98b

>

> pattern:

> %{IP:remote_addr}

>

> If I push try, it says: Attention We were not able to run the grok 
> extraction. Please check your parameters.

>

> What am I doing wrong?

> Thanks.

> Cheers,

> Zsolt

> --

> You received this message because you are subscribed to a topic in the Google 
> Groups "Graylog Users" group.

> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/graylog2/KBn38OfLyUc/unsubscribe.

> To unsubscribe from this group and all its topics, send an email to 
> graylog2+unsubscr...@googlegroups.com<mailto:graylog2+unsubscr...@googlegroups.com>.

> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/graylog2/ab9539b3-7c11-4665-a6f4-f6c092a2b690%40googlegroups.com.

> For more options, visit https://groups.google.com/d/optout.

>

> FIGYELMEZTETÉS:

> "Ez az e-mail bizalmas információkat tartalmaz kizárólag a címzett(ek) 
> számára. Amennyiben Ön nem címzettje ennek az e-mail-nek, felhívjuk figyelmét 
> arra, hogy az e-mail tartalmának közzététele, másolása, illetéktelenek 
> számára való továbbítása, megőrzése vagy bármilyen hasonló tevékenység tilos 
> és törvénybe ütköző."

>

> --

> You received this message because you are subscribed to the Google Groups 
> "Graylog Users" group.

> To unsubscribe from this group and stop receiving emails from it, send an 
> email to 
> graylog2+unsubscr...@googlegroups.com<mailto:graylog2+unsubscr...@googlegroups.com>.

> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/graylog2/20813E38516D75429744E7A4B8B656FF02549D446D38%40PETZCMSVS01.intra.ahrt.hu.

> For more options, visit https://groups.google.com/d/optout.



--

You received this message because you are subscribed to a topic in the Google 
Groups "Graylog Users" group.

To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/graylog2/KBn38OfLyUc/unsubscribe.

To unsubscribe from this group and all its topics, send an email to 
graylog2+unsubscr...@googlegroups.com<mailto:graylog2+unsubscr...@googlegroups.com>.

To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/54996BA5-68DF-4F96-9B61-6B8DFEA621F6%40graylog.com.

For more options, visit https://groups.google.com/d/optout.


FIGYELMEZTETÉS:
"Ez az e-mail bizalmas információkat tartalmaz kizárólag a címzett(ek) számára. 
Amennyiben Ön nem címzettje ennek az e-mail-nek, felhívjuk figyelmét arra, hogy 
az e-mail tartalmának közzététele, másolása, illetéktelenek számára való 
továbbítása, megőrzése vagy bármilyen hasonló tevékenység tilos és törvénybe 
ütköző."

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/20813E38516D75429744E7A4B8B656FF02549D446DA1%40PETZCMSVS01.intra.ahrt.hu.
For more options, visit https://groups.google.com/d/optout.

RE: [graylog2] Re: grok pattern not working

2015-10-21 Thread Osztrovszky Zsolt 
Yes.
Like this:
[cid:image001.png@01D10C00.10723AF0]
[cid:image002.png@01D10C00.10723AF0]

Cheers,
Zsolt

From: graylog2@googlegroups.com [mailto:graylog2@googlegroups.com] On Behalf Of 
Jochen Schalanda
Sent: Tuesday, October 20, 2015 4:03 PM
To: Graylog Users 
Subject: [graylog2] Re: grok pattern not working

Hi Zsolt,

did you add the required Grok patterns to your Graylog system?


Cheers,
Jochen

On Tuesday, 20 October 2015 12:56:17 UTC+2, Zsolt Osztrovszky wrote:
Hello Guys!
I'd like to setup an extractor with Grok pattern.
This is my sample message and pattern:
10.10.1.1 - - [13/Oct/2015:17:19:54 +0200] "GET //ed98/561/this.m3u8 
HTTP/1.1" 200 388 "http://10.1.1.1/hls.php?o==2kV=BASE64; "Mozilla/5.0 
(Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, like Gecko) 
Version/9.0 Safari/601.1.56" 3878 6090 ed98b

pattern:
%{IP:remote_addr}

If I push try, it says: Attention We were not able to run the grok extraction. 
Please check your parameters.

What am I doing wrong?
Thanks.
Cheers,
Zsolt
--
You received this message because you are subscribed to a topic in the Google 
Groups "Graylog Users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/graylog2/KBn38OfLyUc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/ab9539b3-7c11-4665-a6f4-f6c092a2b690%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


FIGYELMEZTETÉS:
"Ez az e-mail bizalmas információkat tartalmaz kizárólag a címzett(ek) számára. 
Amennyiben Ön nem címzettje ennek az e-mail-nek, felhívjuk figyelmét arra, hogy 
az e-mail tartalmának közzététele, másolása, illetéktelenek számára való 
továbbítása, megőrzése vagy bármilyen hasonló tevékenység tilos és törvénybe 
ütköző."

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/20813E38516D75429744E7A4B8B656FF02549D446D38%40PETZCMSVS01.intra.ahrt.hu.
For more options, visit https://groups.google.com/d/optout.

RE: [graylog2] Re: setup ElasticSearch and Graylog

2015-10-19 Thread Osztrovszky Zsolt 
Thanks.
How can I restart it if I can’t find it in the service --status-all?

Cheers,
Zsolt

From: graylog2@googlegroups.com [mailto:graylog2@googlegroups.com] On Behalf Of 
Jochen Schalanda
Sent: Monday, October 19, 2015 12:22 PM
To: Graylog Users 
Subject: [graylog2] Re: setup ElasticSearch and Graylog

Hi Zsolt,

On Monday, 19 October 2015 12:13:32 UTC+2, Zsolt Osztrovszky wrote:
elasticsearch_config_file = /etc/elasticsearch/elasticsearch.yml

This setting is probably the culprit. The elasticsearch_config_file setting is 
being used to point to an Elasticsearch configuration file to customize the 
internal Graylog Elasticsearch client node, but you're pointing to the 
configuration of the external Elasticsearch node. Just remove or comment out 
this setting and restart Graylog.


Cheers,
Jochen
--
You received this message because you are subscribed to a topic in the Google 
Groups "Graylog Users" group.
To unsubscribe from this topic, visit 
https://groups.google.com/d/topic/graylog2/JyU8zPj3FuA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to 
graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/1982ff20-54e3-4cd8-953b-c3f040e41896%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


FIGYELMEZTETÉS:
"Ez az e-mail bizalmas információkat tartalmaz kizárólag a címzett(ek) számára. 
Amennyiben Ön nem címzettje ennek az e-mail-nek, felhívjuk figyelmét arra, hogy 
az e-mail tartalmának közzététele, másolása, illetéktelenek számára való 
továbbítása, megőrzése vagy bármilyen hasonló tevékenység tilos és törvénybe 
ütköző."

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/20813E38516D75429744E7A4B8B656FF02549D2F2CD8%40PETZCMSVS01.intra.ahrt.hu.
For more options, visit https://groups.google.com/d/optout.