[graylog2] Re: Nodes- Connection to machines

HI Jochen, Sure. Below are the snapshots of GELF-TCP input running and the other one saying "Address already in use" Can you please go through it and let me know where am I going wrong. I have also attached the config files for reference. Thank you On Tuesday, March 29, 2016 at

[graylog2] Regex match not working

Hi I have an extractor that tried to extract a numeric field from a message. I am using split and index and field content can sometimes contain a "-" instead of a number. I have a regex pattern that checks for valid numerals - "\d+" But Graylog still extracts the field even if it just

[graylog2] Re: Application log access

Jochen, Awesome. got it Thank you On Monday, March 21, 2016 at 9:55:02 PM UTC-7, sikender...@acesred.com wrote: > > Hi All, > > I have a application in my linux machine with some ip "x.x.x.x" can anyone > tell me how to configure those application logs into graylog. It's a linux >

[graylog2] Re: Link to instructions on how to manually install the latest beta?

Looks like simply enabling this is not enough, are there default keys and certificates or do I need my own? rest_enable_tls = true Enabling that and web_enable_tls = true kinda works, I am able to reach the web interface via https but cannot log in. Checking my console with chrome I see:

[graylog2] Re: Link to instructions on how to manually install the latest beta?

OK, I get it. This test machine is on a virtual machine on the internet publicly accessible. So what is the best practice? Edit server.conf and enable HTTPS everywhere? Would that suffice? -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To

[graylog2] Re: rsyslog logging

Thanks. FYI this is where I got the other option from in case you'd like to correct it: http://docs.graylog.org/en/2.0/pages/getting_started/rsyslog.html -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and

[graylog2] Re: rsyslog logging

Hi Ovidiu, the second version is correct, also see https://github.com/Graylog2/graylog-guide-syslog-linux/blob/master/README.md for details. Cheers, Jochen On Tuesday, 29 March 2016 16:10:12 UTC+2, Ovidiu Pacuraru wrote: > > I've found 2 different methods and was wondering which one is the

[graylog2] rsyslog logging

I've found 2 different methods and was wondering which one is the suggested one: a) *.* @127.0.0.1:5140 b) *.* @127.0.0.1:5140;RSYSLOG_SyslogProtocol23Format -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and

[graylog2] Re: Link to instructions on how to manually install the latest beta?

Thanks Jochen, here are some more questions: a) why is it not respecting this setting though: web_listen_uri = http://edgar.ict-consult.co.za/ I tried: http://edgar.ict-consult.co.za/ - doesn't work and http://edgar.ict-consult.co.za:9000/ seems to work. b) if I set it up like this does that

[graylog2] Re: Link to instructions on how to manually install the latest beta?

Hi Ovidiu, rest_listen_uri = http://127.0.0.1:12900/ rest_transport_uri = http://127.0.0.1:12900/ Starting with Graylog 2.0.0, the web interface is a single page application (SPA) which directly communicates with the Graylog REST API. If you bind the Graylog REST API to localhost with those

[graylog2] Re: Link to instructions on how to manually install the latest beta?

Oh, I haven't thought about caching issues. Have reset the config and tried another browser and even emptied its cache before hand. => http://pastebin.com/puPzwEN1 Problem still persists as above. Btw. I had downloaded your alpha5 appliance and converted the VMDK into a Proxmox compatible

[graylog2] Re: Application log access

Hi Sikender, 1) DO we need to configure syslog file in graylog server ("X") too ??? or > else only installation of agent (graylog-collector) in Y target server is > fine > The syslog daemon doesn't need to be configured specifically on the system running Graylog. It is sufficient to start

[graylog2] Re: LDAP Error Graylog does not yet support multiple LDAP backend.... This is a bug, ignoring LDAP config.

Hi Tom, that usually shouldn't happen. Please check the ldap_settings collection in your MongoDB database and either remove all documents in that collection or all but the most recent one: - https://docs.mongodb.org/getting-started/shell/client/ -

[graylog2] Re: Delete by Query (XDELETE) not works

Hi Steve, I suggest asking purely Elasticsearch-related questions on the Elastic discussion board at https://discuss.elastic.co/c/elasticsearch or in the #elasticsearch channel on freenode IRC ( https://webchat.freenode.net/?channels=%23elasticsearch). Cheers, Jochen On Tuesday, 29 March 2016

[graylog2] Re: Is it possible to index a MSSQL Database?

> > Thank you Jochen, >> > we will try that! Cheers; Toni -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view

[graylog2] Re: User Time Configuration Discrepancy

Hi Roland, thanks for reporting this! It looks like this is a bug in the web interface which doesn't allow users to change their time zones. As a workaround, you should be able to change the user's time zone as admin user on the System -> Users page. I've created a bug report on GitHub to

[graylog2] Handling of future timestamps

We recently had the problem that some of our machines were running with a system time several days in the future. Since the log's timestamps are used when indexing in graylog, those log entries only showed up when selecting a future timeframe, not when they really were logged. Is it somehow

[graylog2] Re: Is it possible to index a MSSQL Database?

Hi Toni, what exactly do you want to index from your MSSQL database? Actual contents of the database or log files generated by the database server? Cheers, Jochen On Tuesday, 29 March 2016 10:39:41 UTC+2, toni.fro...@scaltel.de wrote: > > Hi there, > > we are trying to index a MSSQL database

Re: [graylog2] Export As CSV error message

Hi Paul, We should investigate that issue a bit further. Would you be so kind as to create a ticket in our Github repository? https://github.com/Graylog2/graylog2-server/issues/ Thank you, Edmundo > On 28 Mar 2016, at 14:46, Paul Pompetti wrote: > > I've just setup

[graylog2] Is it possible to index a MSSQL Database?

Hi there, we are trying to index a MSSQL database into Graylog, but we dont know how to do.. We have already tryed with packetbeat and the Beats input plugin for Graylog but without success. Is there a possibility to index a SQL database into Graylog? Greetings, Toni -- You received this

[graylog2] Re: script from url was blocked due to mime type mismatch

Hi Amit, thanks for reporting this. It seems this was a bug in the code delivering the web interface assets. I've created a bug report on GitHub to track this issue: https://github.com/Graylog2/graylog2-server/issues/1982 Cheers, Jochen On Monday, 28 March 2016 15:32:14 UTC+2,