[graylog2] Re: Issue running d-fens ExecScript AlarmCallback plugin

Thanks. I will investigate that. However, the javascript version should've run then. But I keep get an error that the message object is "null" and so getSource() cannot work on it. If it put just this in the test js file - print("AlarmCallback: Now this is a message: " + message + "\r\n"); I

[graylog2] Re: Delete messages with syslog level 7

Hi Steve, please refer to https://www.elastic.co/guide/en/elasticsearch/guide/1.x/query-dsl-intro.html for an introduction to the Elasticsearch Query DSL. Keep in mind, that the "message" field is not the query you'd enter in the Graylog web interface. For example there is a separate "level"

[graylog2] Re: Graylog 2.0.0-alpha.3 errors upon logging into web ui

Did you find the problem ? Very stupid question but is http://:12900/ reachable from the Graylog machine ? -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[graylog2] Issue running d-fens ExecScript AlarmCallback plugin

I'm looking to run a script so I can post some passive check status to nagios via send_nsca and found the d-fens ExecScript AlarmCallback plugin. After building the jar file and placing it in graylog-server/plugins/alarm_callback dir I can select the "d-fens SCRIPT AlarmCallback" plugin. The

Re: [graylog2] Re: [Disk Journal] Deletion

Could you do this? http://docs.graylog.org/en/1.3/pages/blacklisting.html On Thu, Mar 17, 2016 at 5:13 AM, Jochen Schalanda wrote: > Hi, > > you can't delete individual messages from the journal (at least not > easily). > > Cheers, > Jochen > > On Thursday, 17 March 2016

[graylog2] Re: [Disk Journal] Deletion

Hi, you can't delete individual messages from the journal (at least not easily). Cheers, Jochen On Thursday, 17 March 2016 09:25:35 UTC+1, kaiser wrote: > > Ok thank you Jochen. > > if I delete some events in the journal files by filtering only on a > specific host, would it be safe? > >

[graylog2] Re: Newb Question - Graylog and Alarm script actions

Hi Jason, there are some 3rd party plugins which allow executing external scripts or processes in various conditions: - https://github.com/dfch/biz.dfch.j.graylog2.plugin.alarm.execscript - https://github.com/dfch/biz.dfch.j.graylog2.plugin.input.execscript -

[graylog2] Re: graylog 1.2.2 ldap not saving settings

I dont know for sure if this will help, but what I would look at is that all 3 nodes server.conf have the same hashed password as the web.conf -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving

[graylog2] Graylog config

Hallo, so i have install the OVA from graylog and config it like the tutorials on the Page. CommandDescription sudo graylog-ctl set-admin-password Set a new admin password sudo graylog-ctl set-admin-username Set a different username for the admin user sudo graylog-ctl set-email-config

Re: [graylog2] Gralog OVA Konfiguroieren

> > > Okay running now but unfortunately I do not get logs of my system I have set up as described above, a Windows server but get no logs back. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop

[graylog2] Re: Graylog config

I have install nxlog on a Windows maschin an config it but there dosent connect on the graylog server in the logs of nxlog is this message 2016/03/16 16:16:20 [error] 2703#0: *5446 connect() failed (111: Connection refused) while connecting to upstream, client: 172.20.100.101, server: ,

[graylog2] Re: Graylog2 v1.3.2 - 2 errors - 401 Unauthorized body and cannot parse message, encountered ":"

Thanks much. 1. thanks. Will find and fix any alert settings using the unescaped : 2. thanks for confirming this. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an

[graylog2] Graylog2 v1.3.2 - 2 errors - 401 Unauthorized body and cannot parse message, encountered ":"

Hi, I'm running graylog2 v1.3.2 and I'm unable to determine what is causing these 2 alerts as follows. Any help is much appreciated - 1. in server.log - seeing - 2016-03-17T23:03:09.164-04:00 ERROR [AlertScannerThread] Skipping alert check that threw an exception.

[graylog2] Re: graylog 1.2.2 ldap not saving settings

W dniu czwartek, 17 marca 2016 22:07:49 UTC+1 użytkownik Mike Daoust napisał: > > I dont know for sure if this will help, but what I would look at is that > all 3 nodes server.conf have the same hashed password as the web.conf > > I've checked hashed password for all 3 nodes and: 1. fields named

[graylog2] Re: [ANNOUNCE] Graylog v2.0-alpha.5 has been released

Hi, you're running the Anonymous Usage Statistics plugin in an incompatible version. Please use the Anonymous Usage Statistics plugin that is shipped with Graylog 2.0.0-alpha.5. Cheers, Jochen On Friday, 18 March 2016 20:40:23 UTC+1, fanirama wrote: > > Hi, > Getting an error starting

[graylog2] use graylog to monitorize and store Checkpoint Firewall log´s it´s possible?how?

Sorry for the cuestion, im very noob in syslog and similar. I´m searching a way to do, but im lost. Its possible to use graylog server and the fw1 loggrabber to log/store a checkpoint firewall logs? someone he try this? Thank for the attention and excuse me my bad english. -- You received

Re: [graylog2] Collector using TLS/SSL

Can someone provide the instructions necessary to run the collector with client authentication? I successfully configured the client and the server without the client verification "required" on. As soon as I turn it on, the errors on the server are: *javax.net.ssl.SSLHandshakeException: null

[graylog2] [Disk Journal] Deletion

Hello, One of my server had a script generating a lot of errors: 5 millions logs in ten minutes As a consequence, my graylog process buffer is used at 100% The disk journal utilization is at 70% with millions of unprocessed messages. Is it possible to delete the unprocessed messages because

[graylog2] Re: [ANNOUNCE] Graylog v2.0-alpha.5 has been released

Hi Vikram, we're currently plan to release Graylog 2.0.0 sometime in April 2016. You can help us speed up the process by extensively testing the Graylog 2.0.0 alpha and (upcoming) beta versions. Cheers, Jochen On Friday, 18 March 2016 12:59:26 UTC+1, Vikram Babu wrote: > > When can we expect

[graylog2] Re: [Export CSV] full_message field

Hi, it looks like there are simply no messages which contain a full_message field in your database, which is fine since that's an optional field. What exactly do you want to achieve? Cheers, Jochen On Thursday, 17 March 2016 09:23:24 UTC+1, kaiser wrote: > > Hello Jochen, > > Yes that s what

[graylog2] Preventing Flooding

We have concerns that any one of our machines could have an issue and suddenly start flooding Graylog with a million messages per second (as an example) and filling up all our indexes and disk space 1000x faster than anticipated while we were away for the weekend; we have fears of coming in on

[graylog2] [ANNOUNCE] Graylog v1.3.4 has been released and contains an important security fix

Hi everyone, we just released Graylog v1.3.4, which contains an important security fix. Read more in the release notes and upgrade: * https://www.graylog.org/blog/49-graylog-1-3-4-is-now-available Thanks, Lennart -- You received this message because you are subscribed to the Google Groups

[graylog2] Graylog API Key

Hello everybody, I want to check my graylog stats with a nagios plugin. But for this I need the Graylog API key. Has anybody an idea how I can find the key? Best regards nkinkel -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To

[graylog2] Re: Issue running d-fens ExecScript AlarmCallback plugin

Hi, without being too familiar with the mentioned plugin, it looks like you didn't put Jython on the classpath of your Graylog server in order to be able to use the "python" scripting engine. By default, Java 8 only supports JavaScript (via Nashorn) as scripting engine. See

[graylog2] Re: graylog 1.2.2 ldap not saving settings

Hi kluch, all Graylog server nodes in a cluster must use the same password_secret (and application.secret for the web interface) which is, among other things, being used to encrypt and decrypt the LDAP credentials in MongoDB. Cheers, Jochen On Friday, 18 March 2016 13:12:14 UTC+1, kluch

[graylog2] Re: ERROR: org.graylog2.periodical.IndexRotationThread - Couldn't point deflector to a new index org.elasticsearch.discovery.MasterNotDiscoveredException: waited for [30s]

Hi Shrawan, the hostname "localhost2" mentioned in the error message looks fishy. Check your configuration files for misspelled hostnames. Cheers, Jochen On Thursday, 17 March 2016 08:51:46 UTC+1, Shrawan Bhagwat wrote: > > Hi All, > > I am getting the below mentioned error in graylog logs: >

[graylog2] Re: Graylog2 v1.3.2 - 2 errors - 401 Unauthorized body and cannot parse message, encountered ":"

Hi, the first error is being caused by an invalid Lucene query. The colon character (":") is a reserved character which must be escaped properly (see https://www.elastic.co/guide/en/elasticsearch/reference/1.7/query-dsl-query-string-query.html#_reserved_characters). Since the error is caused

[graylog2] Re: [Export CSV] full_message field

Hi, the functionality is still there. Keep in mind, that the list in the "Fields" section only shows field names of the messages found with your current search query. Click on "all fields" below the list of fields to get a list of all fields of all messages. This should also contain the

[graylog2] Newb Question - Graylog and Alarm script actions

Hello - total newb to Graylog - started yesterday and have a working 1.3.3 environ on Centros with logs coming in from Windows, Cisco and Linux plus basic alerts coming out via email Very impressed with the tool so far I do have a follow on requirement and hope the community can point me in the

[graylog2] Re: [ANNOUNCE] Graylog v1.3.4 has been released and contains an important security fix

Did an upgrade without any problems. Tank you for the work. Op woensdag 16 maart 2016 20:24:17 UTC+1 schreef lennart: > > Hi everyone, > > we just released Graylog v1.3.4, which contains an important security > fix. Read more in the release notes and upgrade: > > *