Re: [graylog2] Regex statement for a raw log

2016-02-01 Thread Joi Owen
You're welcome. I did just spot an error I made in the examples... the time pattern has a decimal point in it, and that will need to be escaped in all of the patterns that contain that field. threadid: ^.+\s\d\d:\d\d:\d\d.\d+\s\d+s(\d+)\s+\d+\s+ should be threadid:

[graylog2] Re: Graylog docker allinone keeps falling over

2016-02-01 Thread Chris Jones
I am experiencing the same problem with the newest image from DockerHub. After running a couple of searches, the CPU goes to 100% and then the frontend stops responding. I have to restart the container to get it to come back to life. I noticed that there are preconfigured syslog and gelf

Re: [graylog2] Regex statement for a raw log

2016-02-01 Thread Mehmet Ali Büyükkarakaş
Joi thank you so much. :) On Mon, Feb 1, 2016 at 10:18 PM, Joi Owen wrote: > This is the sort of thing that can take some trial and error to get > perfect, and I doubt anyone on this list has messages of exactly this > format hitting their own servers, so it will be hard for

[graylog2] Re: Renaming fields

2016-02-01 Thread Daniel Kamiński
You could work around this by rewriting messages with drools like here: http://docs.graylog.org/en/1.3/pages/drools.html, with modify($m) { removeField("unwantedField") } On Friday, 29 January 2016 10:38:03 UTC+1, user thePretender wrote: > > Hi, > > For normalization purposes, I

[graylog2] Re: Graylog v1.3.3 Start up FreeBSD

2016-02-01 Thread Jochen Schalanda
Hi, the second assignment of GRAYLOG2_CLASSPATH looks very strange. It doesn't make much sense to list each JAR file in the lib/ directory separately. Take a look at the SysV init script for the Graylog 1.3.3 web interface to get an idea of what your startup script might look like:

[graylog2] Re: WARN : org.graylog2.periodical.NodePingThread - Did not find meta info of this node. Re-registering.

2016-02-01 Thread Jochen Schalanda
Hi Steve, I'd not recommend disabling the message journal at all as it's being used to buffer messages if the processing steps or the output to the backend (Elasticsearch) takes too long. Cheers, Jochen On Monday, 1 February 2016 11:34:02 UTC+1, st...@cherryfamily.co.uk wrote: > > Hi Jochen

[graylog2] Re: WARN : org.graylog2.periodical.NodePingThread - Did not find meta info of this node. Re-registering.

2016-02-01 Thread steve
Hi Jochen, Thanks for the reply. I've actually tried turning off the journal, message_journal_enabled = false, this didn't seem to make any difference. The VMWare host I'm running the two nodes on is quite heavily loaded with high CPU wait times. I decided to move the nodes to a dedicated

Re: [graylog2] Measuring Time Difference from two messages.

2016-02-01 Thread Gabriel Coutinho
I can correlate the two messages in a way a computer could understand, using a pattern or a regex. Gabriel Coutinho Brêtas Netto Desenvolvedor gabriel.couti...@oobj.com.br | 62 3086.5750

[graylog2] Re: Renaming fields

2016-02-01 Thread thePretender
Thanks, that seems to do the trick.

Re: [graylog2] Regex statement for a raw log

2016-02-01 Thread Joi Owen
This is the sort of thing that can take some trial and error to get perfect, and I doubt anyone on this list has messages of exactly this format hitting their own servers, so it will be hard for us to give you proven tested-and-good answers, we can only point you in the right direction. You need

[graylog2] Get Graylog Data Storage amount

2016-02-01 Thread toni . frommknecht
Hello, is there any way to see which amount of data is indexed a day (Not the count of events, the required storage (mb,gb))? If not is there a console command which can tell me that? Greetings, Toni

Re: [graylog2] Measuring Time Difference from two messages.

2016-02-01 Thread Jan Doberstein
Hej Gabriel, did you have any possible way to identify the message? So that you are able to tell that these two messages belong to each other in a way that can be recognised by a computer? Or did you need to know something special to see the correlation between the messages? If you are able to