[graylog2] Email Configuration

2016-01-13 Thread Phil Bailey
Hi All

I was wondering if somebody could help me. I'm trying to configure the email 
transport settings, but when I try to send a test email I get an error stating:

Email Transport Configuration is missing or invalid

My Graylog server config reads as below:

# Email transport
transport_email_enabled = true
transport_email_hostname = exchange.vstrading.co.uk
transport_email_port = 25
transport_email_use_auth = false
transport_email_use_tls = true
transport_email_use_ssl = true
transport_email_auth_username =
transport_email_auth_password =
transport_email_subject_prefix = [graylog2]
transport_email_from_email = grayl...@vstrading.co.uk

Am I missing something?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/b98d5442-dd37-4507-9700-d3192f1058ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: [graylog2] Email Configuration

2016-01-13 Thread Phil Bailey
Many thanks for coming back to me Joi. I have full admin so should be able 
to change any settings if needed. If you could check, I'd really appreciate 
it.



[graylog2] Re: Upgrade

2016-01-12 Thread Phil Bailey
Hi Kaiser 

Thanks for the info. I have run the commands and restarted the server, but 
it doesn't seem to have made a difference.

I'm still on the old version. Am I missing something?

Thanks



[graylog2] Re: Upgrade

2016-01-12 Thread Phil Bailey
Hi Jochen 

Thanks for coming back to me. I seem to have somehow managed to upgrade to 
the latest install. The issue now is that my Elasticsearch Cluster in 
system/overview is stating unavailable.

I have checked the config and it was all working prior to the upgrade. Any 
thoughts about how best to troubleshoot?

Thanks



[graylog2] Re: Upgrade

2016-01-12 Thread Phil Bailey
Just to add, I have run this and I'm still getting an old version. Could 
somebody just let me know the best way to update, please?

wget https://packages.graylog2.org/releases/graylog2-omnibus/ubuntu/graylog_latest.deb
sudo graylog-ctl stop
sudo dpkg -G -i graylog_latest.deb
sudo graylog-ctl reconfigure



[graylog2] Upgrade

2016-01-11 Thread Phil Bailey
Hi Everyone 

I'm very new to both Ubuntu and Graylog and was wondering if somebody could 
help me. I have followed this guide for installing and setting up Graylog, 
but just noticed it's a very old version.

After getting everything up and running, I tried to just install the latest 
version but had all sorts of problems with both the web and server not 
connecting.

Assuming I had done something wrong, I have started again, but I don't want 
to make the same mistake.

I would be very grateful if somebody could give me an idiot's guide to 
upgrading Graylog2 V0.20.2 to the latest install.

Thanks guys.

Phil



[graylog2] GUI Password

2016-01-06 Thread Phil Bailey
Morning All

I think I'm being really thick but I can't work this out. I have set my 
password on the server using the following:

echo -n P@ssw5rd | shasum -a 256

which outputs

590561e975aa1cbdaa6ff00da013dfb85656990eef11e504e9febe48a87d3642

I'm then going to my web GUI and trying to log in with admin and P@ssw5rd, 
but it's telling me invalid credentials. I'm obviously missing something but 
can't see the wood for the trees.

Any help appreciated.

Thanks



[graylog2] Re: Log location

2016-01-06 Thread Phil Bailey
Thanks for your reply Jochen 

I have had a look and I have the folder /var/log/elasticsearch, but I don't 
seem to have the data folder.

I need to add more storage to where the log files are stored. Is there a 
config file to tell me where the data is being stored?

Thanks



[graylog2] Re: Log location

2016-01-06 Thread Phil Bailey
Hi Jochen 

Again, many thanks for your reply. My goal really is for all big files to be 
on the 2TB hard drive so we don't fill up the system disk. I have edited the 
elasticsearch.yml file with the below and mounted the 2TB disk to the media 
folder point.

Looking at the logs, all seems to be working now. Just one thing: the file 
size doesn't seem much bigger than a few megabytes. Is the elasticsearch.yml 
file the only config file that needs editing? Just feel I'm missing 
something.

# --- Paths ---
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /media/loggingdrive
#
# Path to log files:
#
# path.logs: /path/to/logs
#



[graylog2] GELF Logs

2016-01-05 Thread Phil Bailey
Morning All

I was wondering if somebody could help me. I have a bit of an issue with 
Graylog2 and GELF Windows logs.

I have set up a GELF input and from what I can see the logs are being 
received from a Server 2012 domain controller via NXLOG. There are no 
errors on the server in the logs.

On my Graylog2 server I have 204MiB of data received, but I can't see any 
event logs anywhere and I have nothing in the sources tab of servers.

I have googled and come across a post on here about an option that needs 
enabling, but the link that explains it is dead.

Can anyone please, please help? I'm out of ideas and have reinstalled this 
twice now.

Any help massively appreciated.

Thanks Guys



[graylog2] Log location

2016-01-05 Thread Phil Bailey
Afternoon All

I was wondering, could somebody again help me out please? I'm trying to move 
the default location of all my logs. I have installed and mounted a 2TB hard 
drive to store all my logs on.

I have looked online and amended the graylog2ctl file in the 
/opt/graylog2-server-0.20.2/bin folder to change the location from 
log/graylog2-server.log to my mount point.

But nothing seems to change. I'm still getting logs being picked up, but my 
log file hasn't recreated itself in the mount point location.

Thanks



[graylog2] Re: GELF Logs

2016-01-05 Thread Phil Bailey
Hi Jochen 

Many thanks for your reply. Sorry, but are you saying I need to change 
om_udp to GELF_UDP?

Thanks



[graylog2] Re: GELF Logs

2016-01-05 Thread Phil Bailey
Hi Jochen

Many thanks for coming back to me. I've attached a screenshot of the PuTTY 
interface tracking the data coming into the Ubuntu box, and the web 
interface GELF input.

Also, below is the NXLOG configuration.

Thanks again for the help, very much appreciated.

Phil

## This is a sample configuration file. See the nxlog reference manual about the
## configuration options. It should be installed locally and is also available
## online at http://nxlog.org/docs/

## Please set the ROOT to the folder your nxlog was installed into,
## otherwise it will not start.

#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension syslog>
    Module      xm_syslog
</Extension>

<Input in>
    Module      im_msvistalog
# For windows 2003 and earlier use the following:
#   Module      im_mseventlog
</Input>

<Output out>
    Module      om_udp
    Host        192.168.10.17
    Port        12201
    Exec        to_syslog_snare();
</Output>

<Route 1>
    Path        in => out
</Route>




On Tuesday, January 5, 2016 at 10:30:51 AM UTC, Jochen Schalanda wrote:
>
> Hi Phil,
>
> please post your configuration of nxlog and the configuration of the GELF 
> Input in Graylog (Web interface: System -> Inputs).
>
>
> Cheers,
> Jochen
>
> On Tuesday, 5 January 2016 10:43:49 UTC+1, Phil Bailey wrote:
>>
>> Morning All
>>
>> I was wondering if somebody could help me. I have a bit of an issue with 
>> Graylog2 and GELF Windows logs.
>>
>> I have set up a GELF input and from what I can see the logs are being 
>> received from a Server 2012 domain controller via NXLOG. There are no 
>> errors on the server in the logs.
>>
>> On my Graylog2 server I have 204MiB of data received, but I can't see any 
>> event logs anywhere and I have nothing in the sources tab of servers.
>>
>> I have googled and come across a post on here about an option that needs 
>> enabling, but the link that explains it is dead.
>>
>> Can anyone please, please help? I'm out of ideas and have reinstalled this 
>> twice now.
>>
>> Any help massively appreciated.
>>
>> Thanks Guys
>>
>



[graylog2] Re: GELF Logs

2016-01-05 Thread Phil Bailey
Jochen, you are very much on my number one favorite list. Thank you very, 
very, very much for your patience and help; we now have logs :) 
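
The nxlog configuration posted earlier in this thread sends Snare-formatted syslog text through om_udp to the GELF UDP input on port 12201. The following added example (not code from the original posts, nor from Graylog or nxlog) classifies a UDP payload by the GELF framing rules: the chunk, gzip and zlib magic bytes, then the mandatory version, host and short_message fields. The sample payloads and the function name classify_gelf_datagram are constructed for illustration.

```python
import gzip
import json
import zlib

REQUIRED = ("version", "host", "short_message")  # mandatory GELF fields


def classify_gelf_datagram(payload: bytes) -> str:
    """Return a short verdict for one UDP payload aimed at a GELF input."""
    if payload[:2] == b"\x1e\x0f":  # GELF chunk header magic
        return "chunked GELF (reassemble chunks before decoding)"
    try:
        if payload[:2] == b"\x1f\x8b":  # gzip magic
            body, kind = gzip.decompress(payload), "gzip GELF"
        elif payload[:1] == b"\x78":  # zlib header byte
            body, kind = zlib.decompress(payload), "zlib GELF"
        else:
            body, kind = payload, "uncompressed GELF"
        doc = json.loads(body.decode("utf-8"))
    except (OSError, EOFError, zlib.error, ValueError):
        return "not GELF: payload is not (compressed) JSON"
    if not isinstance(doc, dict):
        return "not GELF: JSON is not an object"
    missing = [field for field in REQUIRED if field not in doc]
    if missing:
        return "not GELF: missing " + ", ".join(missing)
    return kind


# Constructed samples, not captured traffic.
# Roughly what to_syslog_snare() puts on the wire: a syslog line, not JSON.
SNARE_LINE = b"<14>Jan  5 10:30:51 DC01 MSWinEventLog\t1\tSecurity\t42\tsample"
# A minimal GELF message of the kind a GELF input decodes.
GELF_MSG = json.dumps({
    "version": "1.1",
    "host": "DC01",
    "short_message": "An account was successfully logged on",
    "_EventID": 4624,
}).encode("utf-8")
GELF_GZIP = gzip.compress(GELF_MSG)
GELF_ZLIB = zlib.compress(GELF_MSG)

if __name__ == "__main__":
    for name, data in [("snare", SNARE_LINE), ("gelf", GELF_MSG),
                       ("gzip", GELF_GZIP), ("zlib", GELF_ZLIB)]:
        print(name, "->", classify_gelf_datagram(data))
```

Run against a payload captured with tcpdump on the input port, this separates "bytes arrive but are not GELF" from "GELF arrives but is missing a mandatory field".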



[graylog2] Re: Log location

2016-01-05 Thread Phil Bailey
Evening Jochen

Many thanks for coming back to me. I'm looking into sorting that very soon.

Sorry, are you saying I can just mount the hard drive to Elasticsearch's 
data.path as a mount point and the logs will just carry on as they were? I 
don't seem to have a data path in the config.

It is just the logs that Graylog2 is collecting from my servers that I want 
to move.

Thanks



[graylog2] Web Interface Login

2016-01-04 Thread Phil Bailey
Morning Guys

Apologies if this is a bit of a noob question, but I'm in need of a little 
help. This may be a very easy answer, but I've been banging my head against 
this for a week now.

I'm totally new to both Ubuntu and Graylog2, so your patience is appreciated, 
guys.

I've run through a setup guide online for installing Graylog2 on an Ubuntu 
14.4 Server, and I've got to the stage of the web interface login. Now, for 
the life of me, I can't log in.

I have read the password is displayed in clear text in the graylog2.conf, 
and I can see it listed as a long list of numbers and letters. Now, I use 
the password I set, which doesn't work; I've used these numbers and letters, 
which doesn't work; and I've used a combo of both.

No matter what, I can't seem to get into the web GUI. I have tried manually 
removing the long numbers and letters and replacing them with a short simple 
password, but no joy.

I'm assuming I'm missing something very obvious, as I can't seem to find 
anyone else online with a similar issue.

Any help would be very much appreciated.

Thanks for your time guys



[graylog2] Re: Graylog2 0.20.0p8 not receiving external messages

2016-01-04 Thread Phil Bailey
Did anyone ever get this working? The link below no longer works. I have 
the same issue with no sources on my dashboard.

On Tuesday, March 10, 2015 at 11:06:04 AM UTC, Emad Khurshid wrote:
>
> Hi, I am facing the same problem here... what is the big "Turn on Switch"? 
> Can you please give me steps to conclude... I am using Graylog setup, I 
> have gone through the same link from the very beginning. Thanks
>
>
>
> On Thursday, December 19, 2013 at 11:16:14 AM UTC-8, Rob Walker wrote:
>>
>> Apparently I did miss the big 'turn it on' switch!
>>
>>
>> http://support.torch.sh/help/kb/graylog2-web-interface/installing-graylog2-web-interface-v0200-previewx-on-nix-systems#create-and-input-and-send-a-first-message
>>
>> On Wednesday, December 18, 2013 3:49:25 AM UTC-5, Yaron Shahrabani wrote:
>>>
>>> Hey guys!
>>>
>>> I installed Graylog2 0.20.0 preview 8 on CentOS 6.5.
>>>
>>> The installation succeeded, the web interface is working and there are 
>>> no special errors in the logs.
>>>
>>> I added the required input for GELF at port 12201 UDP.
>>>
>>> I have a server with nxlog installed so I directed its GELF output to 
>>> my Graylog server.
>>> In order to make sure that the traffic is received I opened ngrep and 
>>> tcpdump on the required port on the Graylog server, the packets are 
>>> received.
>>>
>>> The messages from the remote machine do not appear, so I tried 
>>> injecting a message locally using netcat (echo "Some message" | nc -w 1 
>>> -u 127.0.0.1 12201). Of course I had to remove the GELF input and add a 
>>> Raw/Plaintext input instead on the same port.
>>>
>>> I also tried changing the nxlog side to Syslog and Raw/Plaintext (and 
>>> changing the Graylog configuration accordingly), the messages appear only 
>>> when I look at ngrep but they are not showing up in the Graylog, do you 
>>> want me to share config?
>>> Any ideas?
>>>
>>> Kind regards,
>>> Yaron Shahrabani.
>>>
>>
