Re: [graylog2] Re: graylog2 connection to elasticsearch

2015-04-13 Thread ANKUR GOYAL 
Hello,

Can anyone please help me how to update graylog2 0.20.6 to latest version
.I have 2 machines one is running elasticsearch 0.90.1 and other is running
graylog2 server 0.20.6 and graylog2 web interface 0.20.6 .

Thanks in Advance,

Ankur Goyal,

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-08-05 Thread ANKUR GOYAL 
My iptables already stopped
On Aug 5, 2014 3:20 PM, "Virgil"  wrote:

> I suspect the problem is going to be firewall blocking communications
> between servers.  CentOS defaults to deny.
>
> Stop firewall to confirm this:
>
> service iptables stop
>
> Or java processes binding to IPv6 addresses when configuration files are
> assuming IPv4
> See the extra :: in front of 9200 and 9300 in netstat output.
>
> Virgil
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-08-05 Thread Virgil 
I suspect the problem is going to be firewall blocking communications between 
servers.  CentOS defaults to deny.

Stop firewall to confirm this:

service iptables stop

Or java processes binding to IPv6 addresses when configuration files are 
assuming IPv4
See the extra :: in front of 9200 and 9300 in netstat output.

Virgil

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-08-04 Thread Ankit Mittal 

>
> Hi Ankur,


 Are you using all 3 configuration files ?

If not please use all 3 files ie graylog2.conf elasticsearch.yml and 
graylog2-elasticsearch.yml 

 and also provide the service status ( running / not running ) for 
elasticsearch , graylog server and graylog- web ui


with logs of all three services.


Thanks
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-08-03 Thread ANKUR GOYAL 
Hello Ankit,
As per your guidance I made a new file in /etc/graylog2-elasticsearch.yml
and copied the content of graylog2-elasticsearch.yml file provided by
you,but still same bind error.


On Fri, Aug 1, 2014 at 2:56 PM, Ankit Mittal  wrote:

> Hi Ankur,
>
>
> graylog2-elasticsearch.yml file is only to separate the elasticsearch
> setting used by graylog server. You don't have to install elasticsearch on
> both server . I am using two file for graylog server ( graylog2.conf and 
> graylog2-elasticsearch.yml
> ) on my graylog server.
>
> graylog2-elasticsearch.yml is not used by  elasticsearch it is used by
> graylog server to connect to elasticsearch cluster and transfer the data.
>
> Thanks,
> Ankit Mittal
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
ANKUR GOYAL


Contact:+91-8058552971

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-08-01 Thread Ankit Mittal 

>
> Hi Ankur,


graylog2-elasticsearch.yml file is only to separate the elasticsearch 
setting used by graylog server. You don't have to install elasticsearch on 
both server . I am using two file for graylog server ( graylog2.conf and 
graylog2-elasticsearch.yml 
) on my graylog server.

graylog2-elasticsearch.yml is not used by  elasticsearch it is used by 
graylog server to connect to elasticsearch cluster and transfer the data.

Thanks,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-08-01 Thread ANKUR GOYAL 
Hello Ankit,

I have one confusion, I want to ask that do I need to copy
graylog2-elasticsearch.yml file to the graylog2-server (2nd machine) or do
I need to install elasticsearch on both machine.


On Fri, Aug 1, 2014 at 12:32 PM, Ankit Mittal 
wrote:

> Hi Ankur,
>
> Please find the configuration file in the attachment .
>
>
> Thanks,
> Ankit Mittal
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
ANKUR GOYAL


Contact:+91-8058552971

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-08-01 Thread Ankit Mittal 
Hi Ankur, 

Please find the configuration file in the attachment . 


Thanks,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
# If you are running more than one instances of graylog2-server you have to 
select one of these
# instances as master. The master will perform some periodical tasks that 
non-masters won't perform.
is_master = true

# The auto-generated node ID will be stored in this file and read after 
restarts. It is a good idea
# to use an absolute file path here if you are starting graylog2-server from 
init scripts or similar.
node_id_file = /etc/graylog2-server-node-id

# You MUST set a secret to secure/pepper the stored user passwords here. Use at 
least 64 characters.
# Generate one by using for example: pwgen -s 96
password_secret = mynewpasswordsecret
# the default root user is named 'admin'
# root_username = admin
# You MUST specify a hash password for the root user (which you only need to 
initially set up the
# system and in case you lose connectivity to your authentication backend)
# This password cannot be changed using the API or via the web interface. If 
you need to change it,
# modify it in this file.
# Create one by using for example: echo -n yourpassword | shasum -a 256
# and put the resulting hash value into the following line
root_password_sha2 = 
PWYQZ10oEleOpSbmJ6DQrwYCqQFLRx94g8SK1TGicpbtvXyocGNxQ3YYM5k30dpaPkWerEnUsFfxLtgVWkBS1Vu3wmdDOxkD

# Set plugin directory here (relative or absolute)
plugin_dir = plugin

# REST API listen URI. Must be reachable by other graylog2-server nodes if you 
run a cluster.
rest_listen_uri = http://192.168.2.254:12900/

# REST API transport address. Defaults to the value of rest_listen_uri. 
Exception: If rest_listen_uri
# is set to a wildcard IP address (0.0.0.0) the first non-loopback IPv4 system 
address is used.
# This will be promoted in the cluster discovery APIs and other nodes may try 
to connect on this
# address. (see rest_listen_uri)
#rest_transport_uri =

# Enable CORS headers for REST api. This is necessary for JS-clients accessing 
the server directly.
# If these are disabled, modern browsers will not be able to retrieve resources 
from the server.
# This is disabled by default. Uncomment the next line to enable it.
rest_enable_cors = true

# Enable GZIP support for REST api. This compresses API responses and therefore 
helps to reduce
# overall round trip times. This is disabled by default. Uncomment the next 
line to enable it.
rest_enable_gzip = true

# Embedded elasticsearch configuration file
# pay attention to the working directory of the server, maybe use an absolute 
path here
elasticsearch_config_file = /etc/graylog2-elasticsearch.yml

elasticsearch_max_docs_per_index = 2000

# How many indices do you want to keep?
# elasticsearch_max_number_of_indices*elasticsearch_max_docs_per_index=total 
number of messages in your setup
elasticsearch_max_number_of_indices = 10

# Decide what happens with the oldest indices when the maximum number of 
indices is reached.
# The following strategies are availble:
#   - delete # Deletes the index completely (Default)
#   - close # Closes the index and hides it from the system. Can be re-opened 
later.
retention_strategy = delete

# How many ElasticSearch shards and replicas should be used per index? Note 
that this only applies to newly created indices.
elasticsearch_shards = 4
elasticsearch_replicas = 1

elasticsearch_index_prefix = graylog2.1

# Do you want to allow searches with leading wildcards? This can be extremely 
resource hungry and should only
# be enabled with care. See also: 
http://support.torch.sh/help/kb/graylog2-web-interface/the-search-bar-explained
allow_leading_wildcard_searches = false

# Do you want to allow searches to be highlighted? Depending on the size of 
your messages this can be memory hungry and
# should only be enabled after making sure your elasticsearch cluster has 
enough memory.
allow_highlighting = true

# settings to be passed to elasticsearch's client (overriding those in the 
provided elasticsearch_config_file)
# all these
# this must be the same as for your elasticsearch cluster
#elasticsearch_cluster_name = graylog2

# you could also leave this out, but makes it easier to identify the graylog2 
client instance
#elasticsearch_node_name = graylog2-server

# we don't want the graylog2 server to store any data, or be master node
#elasticsearch_node_master = false
#elasticsearch_node_data = false

# use a different port if you run multiple elasticsearch nodes on one machine
#elasticsearch_transport_tcp_port = 9350
# we don't need to run the embedded HTTP server here
#elasticsearch_http_enabled = false

#elasticsearch_discovery_zen_ping_multicast_enabled = false
#elasticsearch_discovery_zen_ping_unicast_h

[graylog2] Re: graylog2 connection to elasticsearch

2014-08-01 Thread Ankit Mittal 

>
> Hi Ankur, 


The logs provide by is show some bind error  in elasticsearch or graylog 
server.( I have not  enable any bind configuration , i am using default 
configuration).

Please use the below configuration files , i am using the same 
configuration files in my development and production environment.
 
I have attached three file please copy on the below mention path and start 
the services as mention below.

1 ) elasticsaerch.yml in your elasticsearch configuration folder or you can 
provide the configuration 


*./elasticsearch 
-Des.config=/smApp/LMS/ElasticSearch/elasticsearch_master/config/elasticsearch.yml
 
-Des.max-open-files=true*

2) graylog2.conf used by graylog server for it configuration inside /etc 
folder. We have to provide the elasticsearch details to graylog so that it 
can load the data to elasticsarch for this we use a separate file 
graylog2-elasticsearch.yml which is used by graylog to connect the 
elasticsearch cluster.

the only think that you have to change in configuration files is 
elasticsearch home path as mention above in 3 fields in elasticsearch.yml 

Please try this and start the service one by one and also verify the logs .

If the above configuration does not work please share the elasticsearch 
,graylog server and web interface logs 

Thanks,
Ankit Mittal

 

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread ANKUR GOYAL 
Hello Ankit,

In previous to previous mail you shared 3 files : 1. elasticsearch.yml  2.
graylog2.conf  3. graylog2-elasticsearch.yml .  I am not getting that why
you using 2 files of elasticsearch ( 1. elasticsearch.yml  2.
graylog2-elasticsearch.yml).  I have setup   two machines ( on 1st machine
: elasticsearch 0.90.10on 2nd machine : graylog2-server 0.20.6 ,
graylog2-web 0.20.6 and mongodb .

Thanks,

Ankur Goyal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread Ankit Mittal 

>
> Hi Ankur,


Please use all the above configuration files ie elasticsearch.yml , 
graylog2.conf and graylog-elasticsearch.yml 

I think something is wrong with the graylog server it is showing some bind 
error. 

I have already made the change according to your environment.

Please try because i am using the same configuration in my environment.( 
use the lastest version of garylog server and web interface ie 0.20.6)

Thanks,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread Ankit Mittal 

>
> Hi Ankur,


Please share the logs 



Thanks,
Ankit Mittal 

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread ANKUR GOYAL 
Hello Ankit,
As suggested by you I changed the IP of both machine . Now new ip are
elasticsearch : 192.168.2.253  and graylog server : 192.168.2.254 and also
changed rest_listen_uri = http://192.168.2.254:12900 . but still same


On Thu, Jul 31, 2014 at 4:37 PM, Ankit Mittal 
wrote:

> Hi Ankur,
>
>
> Please Try using ip *192.168.2.254 <192.168.2.254>* instead of
> *172.16.2.254*  It is internal ip of that server.
>
> *enable *the rest_listen_uri = http://192.168.2.254:12900/
>   in graylog2.conf and set the same in
> graylog2-web-interface.conf
>
> Also please share the graylog server and ui logs for issue analysis .
>
> Thanks,
> Ankit Mittal
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
ANKUR GOYAL


Contact:+91-8058552971

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread Ankit Mittal 

>
> Hi Ankur, 


Please Try using ip *192.168.2.254* instead of *172.16.2.254*  It is 
internal ip of that server.

*enable *the rest_listen_uri = http://192.168.2.254:12900/ 
  in graylog2.conf and set the same in 
graylog2-web-interface.conf 

Also please share the graylog server and ui logs for issue analysis .

Thanks,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread ANKUR GOYAL 
Hello Ankit,
I already put 172.16.2.254 in both rest_listen_uri  in graylog2.conf and
graylog2-web-interface.conf but no progress.  On ther machine elasticsearch
is showing red status.

{
  "cluster_name" : "graylog2",
  "status" : "red",
  "timed_out" : false,
  "number_of_nodes" : 2,
  "number_of_data_nodes" : 1,
  "active_primary_shards" : 2,
  "active_shards" : 2,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 2

graylog2 server netstat results :

netstat -tulpn

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address   Foreign Address
Stat
e   PID/Program name
tcp0  0 0.0.0.0:22  0.0.0.0:*
LIST
EN  1265/sshd
tcp0  0 127.0.0.1:250.0.0.0:*
LIST
EN  1383/master
tcp0  0 127.0.0.1:27017 0.0.0.0:*
LIST
EN  9544/mongod
tcp0  0 :::9200 :::*
LIST
EN  1288/java
tcp0  0 :::9300 :::*
LIST
EN  1288/java
tcp0  0 :::22   :::*
LIST
EN  1265/sshd
tcp0  0 :::9000 :::*
LIST
EN  9663/java
udp0  0 :::54328
:::*
1288/java








On Thu, Jul 31, 2014 at 1:28 PM, Ankit Mittal 
wrote:

> Hi Ankur,
>
>
> Please use the below setting
> comment the rest_transport_uri
> *enable *the rest_listen_uri = http://192.168.2.254:12900/
>   in graylog2.conf and set the same in
> graylog2-web-interface.conf
>
> Please try this also i am using internal ip address in both configuration
>
> Thanks,
> Ankit Mittal
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
ANKUR GOYAL


Contact:+91-8058552971

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread Ankit Mittal 

>
> Hi Ankur,


Please use the below setting  
comment the rest_transport_uri
*enable *the rest_listen_uri = http://192.168.2.254:12900/ 
  in graylog2.conf and set the same in 
graylog2-web-interface.conf 

Please try this also i am using internal ip address in both configuration 

Thanks,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-31 Thread ANKUR GOYAL 
Hello Ankit,
Still it's showing same. No graylog2 server available to login.


On Thu, Jul 31, 2014 at 12:04 PM, Ankit Mittal 
wrote:

> Hi Ankur,
>
>
> Use the graylog2-server.uris="http://127.0.0.1:12900/"; in
> graylog2-web-interface.conf.
>
> If the above setting not work please *enable *the rest_listen_uri =
> http://172.16.2.254:12900/ and set the asame in
> graylog2-web-interface.conf
>
> Please let me know if you have any concern.
>
> Thanks,
> Ankit Mittal
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
ANKUR GOYAL


Contact:+91-8058552971

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-30 Thread Ankit Mittal 

>
> Hi Ankur,


Use the graylog2-server.uris="http://127.0.0.1:12900/"; in 
graylog2-web-interface.conf.

If the above setting not work please *enable *the rest_listen_uri = 
http://172.16.2.254:12900/ and set the asame in graylog2-web-interface.conf

Please let me know if you have any concern.

Thanks,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-30 Thread ANKUR GOYAL 
Hello Ankit,
I tried some changes in graylog2 config file and now graylog2-server
service is running but still on web it's showing No graylog2 servers
available .Cannot login. Please find all the config files and log files for
elasticsearch(172.16.2.253) ,  graylog2-server and web interface,mongodb
(172.16.2.254).


On Wed, Jul 30, 2014 at 3:26 PM, Ankit Mittal 
wrote:

> Hi Ankur,
>
>
> Please follow the below steps :
>
> 1) Stop all services ( elasticsearch , graylog and graylog UI )
>
> 2) Login to  your elasticsearch server and  clean the data folder and use
> the below elasticsearch.yml file
>  Also change the */smApp/LMS/ElasticSearch/elasticsearch-0.90.10 *to your
> elasticsearch home path in elasticsearch.yml
>
> 3) Start the elasticearch search using the below command .
>
>
> *./elasticsearch
> -Des.config=/smApp/LMS/ElasticSearch/elasticsearch_master/config/elasticsearch.yml
> -Des.max-open-files=true*
>
> */smApp/LMS/ElasticSearch/elasticsearch_master/config/elasticsearch.yml *is
> user elasticsearch.yml path
>
> 4) check  the service is running on not.
>
> 5) Login to your graylog server copy *graylog2.conf*  and
> *graylog2-elasticsearch.yml*  in */etc *folder
>
> 6) Start the graylog server and check the logs
>
> the only think that you have to change in configuration files is
> elasticsearch home path as mention above in 3 fields in elasticsearch.yml
>
> Please try and let me know the result .
>
> Regards,
> Ankit Mittal
>
>  --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>



-- 
ANKUR GOYAL


Contact:+91-8058552971

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


elasticsearch.log
Description: Binary data


elasticsearch.yml
Description: Binary data


graylog2.conf
Description: Binary data


graylog2.log
Description: Binary data


graylog2-web-interface.conf
Description: Binary data

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-30 Thread Ankit Mittal 

>
> Hi Ankur,


Please follow the below steps :

1) Stop all services ( elasticsearch , graylog and graylog UI )

2) Login to  your elasticsearch server and  clean the data folder and use 
the below elasticsearch.yml file 
 Also change the */smApp/LMS/ElasticSearch/elasticsearch-0.90.10 *to your 
elasticsearch home path in elasticsearch.yml
 
3) Start the elasticearch search using the below command .


*./elasticsearch 
-Des.config=/smApp/LMS/ElasticSearch/elasticsearch_master/config/elasticsearch.yml
 
-Des.max-open-files=true*

*/smApp/LMS/ElasticSearch/elasticsearch_master/config/elasticsearch.yml *is 
user elasticsearch.yml path 

4) check  the service is running on not.

5) Login to your graylog server copy *graylog2.conf*  and 
*graylog2-elasticsearch.yml*  in */etc *folder

6) Start the graylog server and check the logs 

the only think that you have to change in configuration files is 
elasticsearch home path as mention above in 3 fields in elasticsearch.yml 

Please try and let me know the result .

Regards,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
# If you are running more than one instances of graylog2-server you have to 
select one of these
# instances as master. The master will perform some periodical tasks that 
non-masters won't perform.
is_master = true

# The auto-generated node ID will be stored in this file and read after 
restarts. It is a good idea
# to use an absolute file path here if you are starting graylog2-server from 
init scripts or similar.
node_id_file = /etc/graylog2-server-node-id

# You MUST set a secret to secure/pepper the stored user passwords here. Use at 
least 64 characters.
# Generate one by using for example: pwgen -s 96
password_secret = mynewpasswordsecret
# the default root user is named 'admin'
# root_username = admin
# You MUST specify a hash password for the root user (which you only need to 
initially set up the
# system and in case you lose connectivity to your authentication backend)
# This password cannot be changed using the API or via the web interface. If 
you need to change it,
# modify it in this file.
# Create one by using for example: echo -n yourpassword | shasum -a 256
# and put the resulting hash value into the following line
root_password_sha2 = 
PWYQZ10oEleOpSbmJ6DQrwYCqQFLRx94g8SK1TGicpbtvXyocGNxQ3YYM5k30dpaPkWerEnUsFfxLtgVWkBS1Vu3wmdDOxkD

# Set plugin directory here (relative or absolute)
plugin_dir = plugin

# REST API listen URI. Must be reachable by other graylog2-server nodes if you 
run a cluster.
rest_listen_uri = http://192.168.2.254:12900/

# REST API transport address. Defaults to the value of rest_listen_uri. 
Exception: If rest_listen_uri
# is set to a wildcard IP address (0.0.0.0) the first non-loopback IPv4 system 
address is used.
# This will be promoted in the cluster discovery APIs and other nodes may try 
to connect on this
# address. (see rest_listen_uri)
#rest_transport_uri =

# Enable CORS headers for REST api. This is necessary for JS-clients accessing 
the server directly.
# If these are disabled, modern browsers will not be able to retrieve resources 
from the server.
# This is disabled by default. Uncomment the next line to enable it.
rest_enable_cors = true

# Enable GZIP support for REST api. This compresses API responses and therefore 
helps to reduce
# overall round trip times. This is disabled by default. Uncomment the next 
line to enable it.
rest_enable_gzip = true

# Embedded elasticsearch configuration file
# pay attention to the working directory of the server, maybe use an absolute 
path here
elasticsearch_config_file = /etc/graylog2-elasticsearch.yml

elasticsearch_max_docs_per_index = 2000

# How many indices do you want to keep?
# elasticsearch_max_number_of_indices*elasticsearch_max_docs_per_index=total 
number of messages in your setup
elasticsearch_max_number_of_indices = 10

# Decide what happens with the oldest indices when the maximum number of 
indices is reached.
# The following strategies are availble:
#   - delete # Deletes the index completely (Default)
#   - close # Closes the index and hides it from the system. Can be re-opened 
later.
retention_strategy = delete

# How many ElasticSearch shards and replicas should be used per index? Note 
that this only applies to newly created indices.
elasticsearch_shards = 4
elasticsearch_replicas = 1

elasticsearch_index_prefix = graylog2.1

# Do you want to allow searches with leading wildcards? This can be extremely 
resource hungry and should only
# be enabled with care. See also: 
http://support.torch.sh/help/kb/graylog2-web-interface/the-search-bar-explained
allow_leading_wildcard_searches = false

# Do you want to allow searches to be highlighted? Depending on the size of 
your messages this c

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-30 Thread ANKUR GOYAL 
Hello Ankit and Dennis,

I changed the below settings as suggested but still same error when
starting graylog2-server.

elasticsearch_discovery_zen_ping_unicast_hosts = 172.16.2.254:9200


to

elasticsearch_discovery_zen_ping_unicast_hosts = 172.16.2.254:9300





On Tue, Jul 29, 2014 at 3:18 PM, Ankit Mittal 
wrote:

> Hi Ankur,
>
>
> Did you check the opens of both server from your machine.
> if not please try *telnet *to check port opening.
>
>
>
> Thanks,
> Ankit Mittal
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>



--

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-30 Thread Ankit Mittal 

>
> Hi Ankur,


Please change the below setting in graylog2.conf
 

elasticsearch_discovery_zen_ping_unicast_hosts = 172.16.2.254:9200


to 

elasticsearch_discovery_zen_ping_unicast_hosts = 172.16.2.254:9300




Regards,

Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-30 Thread Ankit Mittal 

>
> Hi Ankur,


I think the port no 9350 is already in us on your graylog server by some 
other application.
Also check the firewall setting in cent OS ( port should be open from 
graylog server to elastisearch server )

Regards,
Ankit Mittal 

>  

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-30 Thread Dennis Oelkers 
Hey Ankur,

did you make sure that your the cluster names configured in your elasticsearch 
configuration and your graylog2 config file are identical?

Kind regards,
D.

On 30.07.2014, at 09:18, ANKUR GOYAL  wrote:

> Hello ,
> 
> Still I am stuggling to get run my graylog2 server. Please help me .  I 
> installed elasticsearch 0.90.10 on Centos 6.5 64 bit machine having IP 
> 172.16.2.253 . and on other centos 6.5 64 bit machine having ip 172.16.2.254, 
> installed mongodb, graylog2-server 0.20.6 and graylog2-web interface 0.20.6 
> Still in /var/log/graylog2.log it's showing no elasticsearch master was 
> found.and after 10-15 seconds  service graylog2-server status shows  
> graylog2-server dead but subsys locked . Please help me. I am frustrated. I 
> am attaching all the files here. Please reply ASAP.
> 
> 
> Thanks in Advance.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "graylog2" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
> 

--
TORCH GmbH
Steckelhörn 11
20457 Hamburg
Tel  +49 (0)40-60945200
https://www.torch.sh
 
Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
Geschäftsführer: Lennart Koopmann

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: graylog2 connection to elasticsearch

2014-07-29 Thread ANKUR GOYAL 
Hi Ankit,
I tried to install graylog2 0.20.6 but graylog2 service is not running,when
I run it it stops after some seconds and when I check status of service
then it says graylog dead but subsys exists.
On Jul 29, 2014 11:50 PM, "Ankit Mittal"  wrote:

> Hi Ankur,
>
>
> I think graylog ui is not connecting with graylog server.
> please share you configuration file pg graylog server abd graylog ui.
>
> Regards,
> Ankit Mittal
>
>>
>
>  --
> You received this message because you are subscribed to a topic in the
> Google Groups "graylog2" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/graylog2/qzvh41ptTl4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> graylog2+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-29 Thread Ankit Mittal 

>
> Hi Ankur,


I think graylog ui is not connecting with graylog server.
please share you configuration file pg graylog server abd graylog ui.

Regards,
Ankit Mittal 

>  

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: graylog2 connection to elasticsearch

2014-07-29 Thread Ankit Mittal 

>
> Hi Ankur,


Did you check the opens of both server from your machine.
if not please try *telnet *to check port opening.  



Thanks,
Ankit Mittal

-- 
You received this message because you are subscribed to the Google Groups 
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.