[graylog2] Customize class org.graylog2.restclient.models.UniversalSearch

Hi all, I download and customize source code web interface from https://github.com/Graylog2/graylog2-web-interface/tree/1.2.2 when i search log,I want to modify number of result per page.And I did something: +I found class UniversalSearch in package

[graylog2] Graylog v2.0-alpha.3 nginx reverse proxy

I'm trying to get a reverse nginx proxy working for Graylog v2.0-alpha.3 to access Graylog externally. The Nginx settings are as follows: Server { listen 80; server_name example.com; location /api { proxy_set_headerX-Forwarded-For $proxy_add_x_forwarded_for;

[graylog2] High-Availability with VM Appliance

Is it possible to convert the MongoDB DB in the VM appliance to a Replica Set? Currently we have setup 3 VMs, and things work, however if vm1(master) goes offline, things just stop. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To

[graylog2] This stream has never triggered an alert.

Hello everybody. I'm using GL 1.3.3 and sending Windows logs to GL with NXLOG via GELF. I have test condition like this , I'm creating a stream but its not sending email. The condition is Event ID: 4724 and each time I try to match my condition with an existing log line, it matches. The test

[graylog2] Re: This stream has never triggered an alert

I have the same problem. GL 1.3 and the stream never fires an email alert On Friday, February 12, 2016 at 4:50:44 PM UTC+2, Mike Villines wrote: > > I am using the OVA (tried both stable v1.3.3 and v2.0 alpha) and have set > up a very simple stream on the default syslog UDP input. I am

[graylog2] False Positives On Stream Alerts

I have some alerts set up that trigger after a period without any log messages. For the most part they work as expected but I get the occasional false positive. All of the alerts that trigger due to there being log messages within a given time frame work as expected and I haven't had any

[graylog2] Re: Source RPMS

Hi Jochen, thanks a lot! On Tuesday, February 23, 2016 at 2:01:15 PM UTC, Jochen Schalanda wrote: > > Hi Rui, > > we currently don't create or publish SRPMs for Graylog. The RPM packages > are being built using the awesome fpm > and fpm-cookery >

[graylog2] graylog 1.3 and ldap (again ?)

Hi, I try to setup ldap authentication as many others have before me, but there are behaviours I don't understand. The LDAP is an AD. First there are green lights when everything is wrong : So I saw that I should get information about the user when it works, but it was strange the first

[graylog2] Re: Source RPMS

Hi Rui, we currently don't create or publish SRPMs for Graylog. The RPM packages are being built using the awesome fpm and fpm-cookery , see https://github.com/Graylog2/fpm-recipes for details. Cheers, Jochen On

[graylog2] SYSLOG Output plugin

Hi, I have installed syslog output plugin on Graylog 1.3.3 but after configured a stream rule I receive following errors: 2016-02-23T13:26:28.739+01:00 ERROR [Messages] Failed to index [1] messages. Please check the index error log in your web interface for the reason. Error: failure in bulk

[graylog2] Source RPMS

HI all. Is there a place where I can download graylog SRPMS? Thanks, Rui -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[graylog2] Re: How to Increase Heap Size for Graylog Collector

I figured it out eventually for a collector installed via RPM on CentOS 7 the default initial Java heap size (-Xms) is set to 12MB maximum Java heap size (-Xmx) is set to 64MB You can configure the settings in */usr/share/graylog-collector/graylog-collector-script-config.sh *or you can run

[graylog2] Re: Aging older data to slow nodes

Hi Mike, changing the index naming schema (except for the prefix) is currently not supported in Graylog. Cheers, Jochen On Monday, 22 February 2016 23:05:16 UTC+1, Mike Daoust wrote: > > prepend was the wrong word, sorry. I think what I meant is clear though. > > graylog2_date/time > > On

Re: [graylog2] Re: Aging older data to slow nodes

* Mike Daoust [20160222 22:54]: > prepend was the wrong word, sorry. I think what I meant is clear though. > > graylog2_date/time > > On Monday, February 22, 2016 at 4:03:51 PM UTC-6, Mike Daoust wrote: > > > > Is there a way to have the graylog index prepend the