Hello. I have a task to put up a stream that catches all failed ssh
attempts. The graylog2 service is already up and running and some streams
are configured. I have understood how to make a new stream but after that
I'm stuck. I have tried google, graylog2 stream guide, stream examples,
graylog2
Graylog 1.0.0.
I've specified my local time zone for both server & web interface and the
system time is correct on all systems running graylog-related services
(mongodb, elasticsearch, graylog-server, graylog-web).
What did I miss?
User admin: 2015-03-16 11:50:29.354 -05:00 Web browser: 2015-03-1
Hey,
I have a graylog v1.0.0 running on centos 6.6 like a charm.
I have several stream and dashboard definitions in my server and I manage
my graylog users with ldap integration which works great.
But I've a question:
When my ldap users login at the first time, graylog doesn't let them to se
Can anyone running the new 1.0.1 code verify that their Drool rules are
working? I've verified the rules_file path and the rules file. I am
using the prebuilt OVA build from graylog with the changed config file at
/opt/graylog/conf/graylog.conf and the rules file in the same location of
/op
Wed, 18 Mar 2015 06:38:51 -0700 (PDT), Abdüllatif ERKAYA:
> Does anyone have to answer? How do I solve this elasticsearch
> problem?
First you can be sure it's an elasticsearch problem. When you query the
ElasticSearch cluster, what's the status?
curl -XGET 'http://localhost:9200/_cluster/he
Does anyone have to answer? How do I solve this elasticsearch problem?
On Tuesday, March 17, 2015 at 8:36:23 PM UTC+2, Abdüllatif ERKAYA wrote:
>
> I am getting 500 logs per second. It may have an impact?
>
> On Tuesday, March 17, 2015 at 3:12:37 PM UTC+2, Abdüllatif ERKAYA wrote:
>>
>> I st
Are you sending them with Gelf? All to the same input?
If you do, then you possibly could configure a stream alert on that input,
making a trigger on your event, and in the alert condition you can configure
the amount of alerts in a time based manner.
On Monday, March 16, 2015 at 11:38:38 PM UTC+
Hi all,
Some help needed. After updating to 1.0.1 all my inputs (2) and extractors
are gone.
Before the update I created a content pack, is there anyone that can help
rewriting it
to get my inputs back?
Below here is the pack.
{
"id" : null,
"name" : "Nagios bundle",
"description" : "Backup