[graylog2] Re: Selecting range via histogram returns zero results (More Timezone woes?)

2015-09-02 Thread Werner van der Merwe
Yea, seems I have to run that every time a new indice is started - easy fix once it is noticed, but still a slight annoyance. On Thursday, September 3, 2015 at 12:39:59 PM UTC+12, Drew Miranda wrote: > > I've been suffering from this myself. There have been numerous issues > opened on the issue

[graylog2] Re: Selecting range via histogram returns zero results (More Timezone woes?)

2015-09-02 Thread Drew Miranda
I've been suffering from this myself. There have been numerous issues opened on the issue tracker and they have addressed this in the 1.2 release (I still haven't tested it yet). On Tuesday, September 1, 2015 at 9:01:57 PM UTC-5, Werner van der Merwe wrote: > > It did indeed! > Thanks very much >

[graylog2] Re: Graylog dashboard showing no messages for last 5 mins

2015-09-02 Thread Drew Miranda
Can you elaborate on your configuration? 1. Is the dashboard using a query from a stream or global search? 2. If you use the "play" button icon to replace the search are any results present? 3. When you do use the search and if the relative time frame is empty, does an absolute s

[graylog2] Re: can't enable journal

2015-09-02 Thread Ed Totman
For anyone else who has this problem in the future, the solution was to shut down graylog, delete /var/opt/graylog/data/journal/.kafka_cleanshutdown and restart. On Wednesday, September 2, 2015 at 10:17:34 AM UTC-7, Ed Totman wrote: > > kafka.common.KafkaException: Failed to acquire lock on file .lo

[graylog2] can't enable journal

2015-09-02 Thread Ed Totman
kafka.common.KafkaException: Failed to acquire lock on file .lock in /var/opt/graylog/data/journal. A Kafka instance in another process or thread is using this directory. Stopped and restarted graylog-server, rebooted, deleted lock file, nothing works. Any suggestions?

[graylog2] Suggestion: use GPT instead of MBR for provided images

2015-09-02 Thread Jesse Skrivseth
We ran into an issue with the provided AWS images. These were created from version 1.1.4. This image uses MBR for partitioning instead of GPT, so that rules out larger than 2TB volumes. Scaling out will increase costs much more than resizing the volume. Any suggestions on the best way to resiz

[graylog2] Re: Two different graylog instances in single server

2015-09-02 Thread Jochen Schalanda
Hi Santhosh, if you just want to give two distinct user groups access to different logs, you can probably just use the stream feature of Graylog ( http://docs.graylog.org/en/1.1/pages/streams.html). If you really want to operate two completely separate instances of Graylog, you need to let them

[graylog2] Two different graylog instances in single server

2015-09-02 Thread Santhosh Devadiga
Hi, we have set up the graylog on a server. We have configured two instances, for example log1.com and log2.com. We want to segregate the logs between these two instances, i.e. logs which we are able to view in one instance should not be visible in another instance. Is there any way to change the c

[graylog2] Re: Upgrade 1.1.6 to 1.2 RC broke REST API using TLS?

2015-09-02 Thread Tim Cooper
Configuration is exactly as it was previously and I have had to revert back and forth between HTTP and HTTPS a few times while I've tested and reverted to get things working again. Following variables are set when using HTTPS: *Server* rest_listen_uri = https://server2.example.com:12900/ rest_

Re: [graylog2] Grok apache filter not working ?!

2015-09-02 Thread Jochen Schalanda
Hi Vlad, please make sure that all required Grok patterns, which COMBINEDAPACHELOG is using, have been correctly imported into your Graylog instance (System -> Grok Patterns). You can import existing patterns from https://github.com/logstash-plugins/logstash-patterns-core/tree/master/patterns

[graylog2] Re: Upgrade 1.1.6 to 1.2 RC broke REST API using TLS?

2015-09-02 Thread Jochen Schalanda
Hi Tim, is your Graylog server node configured to serve the REST API via HTTPS? Maybe the configuration file was altered/overwritten during the upgrade. Cheers, Jochen On Wednesday, 2 September 2015 12:35:05 UTC+2, Tim Cooper wrote: > > Nothing else of note in either /var/log/graylog-server/se

[graylog2] Re: nginx logs not rotated

2015-09-02 Thread Jochen Schalanda
Hi Pica, thanks for reporting this! I've opened a ticket for this issue on GitHub at https://github.com/Graylog2/graylog2-images/issues/85. Cheers, Jochen On Wednesday, 2 September 2015 12:04:46 UTC+2, Joan Picanyol i Puig wrote: > > Hi there, > > We're using the 1.1.6 OVAs, and found out tha

[graylog2] Re: Graylog dashboard showing no messages for last 5 mins

2015-09-02 Thread Sriranga Kulkarni
I tried Recalculate index but still the same. I had a disk space issue so stopped the graylog and increased my disk and restarted the graylog. This was the only issue I faced. Moreover I have time based retention of indices. On Wednesday, September 2, 2015 at 6:58:14 AM UTC+5:30, Drew Miranda w

Re: [graylog2] Grok apache filter not working ?!

2015-09-02 Thread Vlaad P
Hi Edmundo, I don't have a special pattern. Just %{COMBINEDAPACHELOG}. I'm not sure if that is enough or not. Regards, VP. On Wednesday, 2 September 2015 13:04:36 UTC+3, Edmundo Alvarez wrote: > > Hi, > > most likely the log message is not matching the pattern you try to use. We > can't help y

Re: [graylog2] Grok apache filter not working ?!

2015-09-02 Thread Vlaad P
Hi, I have Graylog version 1.1.6. I have used https://grokdebug.herokuapp.com/ to discover the pattern, so the result of that log is the "%{COMBINEDAPACHELOG}" pattern, which is not working in graylog. Or do I have to create a pattern like: %{IPORHOST:clientip} [%{HTTPDATE:timestamp}\] "%{WO

[graylog2] Re: Upgrade 1.1.6 to 1.2 RC broke REST API using TLS?

2015-09-02 Thread Tim Cooper
Nothing else of note in either /var/log/graylog-server/server.log or /var/log/graylog-web/application.log. Server end doesn't seem to report any errors at all, last lines are that the inputs are running and everything looks well? Is there somewhere else I should be looking?

Re: [graylog2] Grok apache filter not working ?!

2015-09-02 Thread Edmundo Alvarez
Hi, most likely the log message is not matching the pattern you try to use. We can't help you much more if you don't share the Grok pattern you are using, please share the contents of the "COMBINEDAPACHELOG" pattern as you see in the System -> Grok patterns page. Please also be aware that the m

[graylog2] nginx logs not rotated

2015-09-02 Thread Joan Picanyol i Puig
Hi there, We're using the 1.1.6 OVAs, and found out that nginx's logs are not being rotated: ubuntu@EXPGRAYLOG1:~$ sudo sh -c 'du -sh /var/log/graylog/nginx/*' 15G /var/log/graylog/nginx/access.log 4.0K/var/log/graylog/nginx/config 0 /var/log/graylog/nginx/current 244K/var/log/g

[graylog2] Re: Grok apache filter not working ?!

2015-09-02 Thread Vlaad P
Hi, Yes. And the same result. I have no errors on nodes. P.S. Logs are shipped with rsyslog. Am I missing something? Thanks, VP. On Tuesday, 1 September 2015 11:37:07 UTC+3, Jochen Schalanda wrote: > > Hi, > > did you add the respective Grok patterns to your Graylog installation > (System -> G

[graylog2] Re: Upgrade 1.1.6 to 1.2 RC broke REST API using TLS?

2015-09-02 Thread Jochen Schalanda
Hi Tim, are there any other or more detailed error messages in the logs of the Graylog web interface or the Graylog server node(s)? Cheers, Jochen On Wednesday, 2 September 2015 10:17:48 UTC+2, Tim Cooper wrote: > > I've just upgraded my Graylog installation to 1.2 RC and since the upgrade >

Re: [graylog2] Average and max value for a numeric field

2015-09-02 Thread Jean-Luc Bassereau
Ahaha, that was too obvious for me to notice it... Thanks a lot for the tip ! Regards 2015-09-02 9:43 GMT+02:00 Kay Röpke : > Hi! > > If you extract that field (and make sure to use a numeric converter), you > can use the statistics button on a search page. > That will display a table containing

[graylog2] Upgrade 1.1.6 to 1.2 RC broke REST API using TLS?

2015-09-02 Thread Tim Cooper
I've just upgraded my Graylog installation to 1.2 RC and since the upgrade my graylog-web node can no longer connect to the REST API of either of my graylog-server nodes using TLS and I have had to revert back to HTTP. I get these application logs (real domain removed) on the graylog-web node,

Re: [graylog2] Average and max value for a numeric field

2015-09-02 Thread Kay Röpke
Hi! If you extract that field (and make sure to use a numeric converter), you can use the statistics button on a search page. That will display a table containing the avg and max values across the search result. You can then add some of the statistics to a dashboard via the “add to dashboard” b

[graylog2] Average and max value for a numeric field

2015-09-02 Thread Jean-Luc Bassereau
Hello, In a logfile of an application we use, the last field indicates the elapsed time of the transaction. Is there a way to create a dashboard with the average of these values and the max value? Or maybe should I look into something like writing a Munin plugin for this? -- Regards, Jean-Luc