Hi,
I'm running Graylog 2.0.0-rc.1 in a 2 node cluster. First node is primary
running all services. Second node is configured as backend. When the
secondary node is down, the primary can output around 8k messages per
second. Once the secondary node is up and running the output will get down
Nevermind i think i fixed it found the setting
# Start server with --statistics flag to see buffer utilization.
# Must be a power of 2. (512, 1024, 2048, ...)
ring_size = 65536
and modified it to be 8192 seems to be processing events much better.
On Friday, April 29, 2016 at 2:40:51 PM UTC-7,
Hello, I was wondering if anyone encountered this problem after upgrading
from 1.0 to 2.0 I have a 1node cluster running elasticsearch and greylog on
the same box w/ 64gb of memory 12 cores 4ssd in raid. I figured out most of
the problems after the upgrade but im having odd performance issues
I'm using Windows Event Forwarding (WEF) to collect the events on one
server and then forward then using nxlog to Graylog.
The default input, extractors are used but the problem is the messages are
truncated (I'm not seing the data that is needed):
Thank you Jochen. At first, I didn't understand the purpose of this
approach. But I've since taken your suggestion and are now sending the
Aruba syslog messages into a raw/plaintext input. I've since been able to
apply grok patterns to extract data. At first this was confusing to me
because I
Hi Nikhil,
looks like you didn't enable hardware virtualization in the bios of your
server? Also make sure that the host is a 64bit system.
Cheers,
Marius
On 29 April 2016 at 18:59, nikhil shetty wrote:
> I tried that as well , if I provide more than 3000 mb i get
I tried that as well , if I provide more than 3000 mb i get below error
during startup and the vm window disappears
VT-x is not available (VERR_VMX_NO_VMX).
Result Code:
E_FAIL (0x80004005)
Component:
ConsoleWrap
Interface:
IConsole {872da645-4a9b-1727-bee2-5585105b9eed}
On Fri, Apr 29,
Those changes were made before I created this topic, so the log in my
initial post was still accurate.
But here's the weird part... I created the SSH tunnel which allowed the
connection to the ES node to come up, which was a temporary workaround, but
did the job. Then last night I was
Thanks Jochen for quick response.
I look forward to the manual upgrade documentation.
Would you drop a note here when that is ready or if there is any page I can
monitor, it would be great.
Thanks
On Friday, April 29, 2016 at 10:54:40 AM UTC-4, 123Dev wrote:
>
> Hi Jochen,
>
> Any advice on
Hi,
upgrading the OVAs and AMIs (which both are using the Graylog omnibus
package) is currently not supported.
We're currently working on some documentation for manually upgrading those
virtual machine images in an existing setup.
Cheers,
Jochen
On Friday, 29 April 2016 16:54:40 UTC+2,
Hi Nikhil,
try providing a little bit more memory (minimum 4 GB) for the virtual
machine.
Cheers,
Jochen
On Friday, 29 April 2016 17:00:07 UTC+2, nikhil shetty wrote:
>
> Hi Jochen ,
>
> Thanks for taking time for this .
>
> Below is the setting
>
> base memeory - 3000mb
> boot order - hard
Hi Jochen,
Any advice on upgrading AWS image based 1.3 deployment to 2.0?
The cluster is made of two Graylog Servers, two datanode servers and one
web portal (ES running on Graylog Servers and Datanode Servers, MongoDB
running on GS Servers).
Should one be upgrading ES and MongoDB on each
Hi Jochen ,
Thanks for taking time for this .
Below is the setting
base memeory - 3000mb
boot order - hard disk
chipset - ICH9
Extended feature - Enable I/O APIC
We copied the OVA and VM into the server and , after that started the
oracle vm and below steps
we double clicked the graylog ova
Hi Boris,
if you have the same error message you didn't fix the issue.
Cheers,
Jochen
On Friday, 29 April 2016 13:54:08 UTC+2, Boris Rousseau wrote:
>
> Hi Jochen,
>
> It does not change anything !
> Still having same errors ...
>
> cheers,
> Boris
>
> Le vendredi 29 avril 2016 12:19:32 UTC+2,
Jochen-
The rule works now thanks to your clarifications, but now I've got a new
question:
When I apply the pipeline with that rule to the App 1 stream (matches
exactly on "source: app 1"), it doesn't forward anything to my tomcat
stream. Even when I set the condition to true to let
Hi Jochen,
It does not change anything !
Still having same errors ...
cheers,
Boris
Le vendredi 29 avril 2016 12:19:32 UTC+2, Jochen Schalanda a écrit :
>
> Hi Boris,
>
> the error message is kind of swamped by the other messages, but this is
> the relevant one:
>
> ESC[32mgraylog_1 |
Hi Boris,
the error message is kind of swamped by the other messages, but this is the
relevant one:
ESC[32mgraylog_1 | ESC[0m
ESC[32mgraylog_1 | ESC[0m321) Error injecting constructor,
java.io.IOException: Permission denied
ESC[32mgraylog_1 | ESC[0m at
Hi Bryan,
if you don't tell us exactly what you've changed and what the error message
was after the change, we can't possibly help you.
Cheers,
Jochen
On Thursday, 28 April 2016 17:26:16 UTC+2, Bryan Vukich wrote:
>
> Hello Jochen,
>
> I have elasticsearch_network_host,
Hi Ross,
you need to tell the route_to_stream function whether you're specifying the
*stream
id* or the *stream name*,
see
Hi Boris,
could you please post the complete error log that Docker outputs?
Cheers,
Jochen
On Friday, 29 April 2016 08:45:28 UTC+2, Boris Rousseau wrote:
>
> Hello,
>
> I followed this instructions to launch graylog server with docker-compose
> https://hub.docker.com/r/graylog2/server/
>
>
Hi Jacob,
you can use a Raw/Plaintext TCP or UDP input for this and extract the
required information via some extractors,
see http://docs.graylog.org/en/2.0/pages/extractors.html for details.
Cheers,
Jochen
On Friday, 29 April 2016 03:49:56 UTC+2, Jacob wrote:
>
> Hello,
>
> I'm have a
Hi Nikhil,
how exactly did you set up the virtual machine (all settings) and how
exactly did you import the provided OVA into VirtualBox?
Cheers,
Jochen
On Friday, 29 April 2016 01:37:32 UTC+2, nikhil shetty wrote:
>
> Hi ,
>
> I am trying to start graylog-2.0.0-1.ova using Oracle
>
Hi Ross,
this should work:
to_string($message.tag) == "tomcat"
at least my case its working
On Thursday, April 28, 2016 at 11:56:25 PM UTC+3, Ross wrote:
>
> Hi-
>
> I'm trying to create a pipeline to send messages to another stream based
> on the application that generated it. In the
Hello,
I followed this instructions to launch graylog server with docker-compose
https://hub.docker.com/r/graylog2/server/
However, when I do a docker-compose up, I end up with the following error :
graylog_1 | 2016-04-29 06:41:20,417 ERROR:
org.graylog2.bootstrap.CmdLineTool - Guice
24 matches
Mail list logo