The CSV file's field separator is a comma (,), not a semicolon (;).
On Tuesday, November 17, 2015 at 10:09:37 AM UTC-5, Jean-Luc Bassereau
wrote:
>
> Hello,
>
> I'm trying to send log files (which is in fact a CSV ; file) from logstash
> to Graylog.
> I'm using a very simple logstash rule to load and s
Of course it was refreshed. Cleared browser cache and everything. "2.0.1"
comes from the server.
On Monday, May 30, 2016 at 6:19:15 PM UTC+3, Edmundo Alvarez wrote:
>
> Hi Joe,
>
> Please also remember to refresh the Graylog web interface tab after
> upgrading, as the whole web interface lives
Hi,
that's simply the randomly chosen name of the Elasticsearch node running on
your system.
See
https://www.elastic.co/guide/en/elasticsearch/reference/2.3/setup-configuration.html#node-name
for details.
Cheers,
Jochen
On Monday, 30 May 2016 17:17:55 UTC+2, kaiser wrote:
>
> Hello,
>
> I h
Hi Joe,
the reconfigure script should not do any Elasticsearch actions other than a
restart when there is a configuration change. You could see at the end of
the output if ES was restarted or not.
If you want to set the number of replicas to 0, you can use advanced
attributes like documented her
Hi Joe,
Please also remember to refresh the Graylog web interface tab after upgrading,
as the whole web interface lives in your browser now.
Regards,
Edmundo
> On 30 May 2016, at 17:06, Jochen Schalanda wrote:
>
> Hi Joe,
>
> Graylog 2.0.2 should show the following version in the footer of t
Hello,
I have graylog 2.0 and only one node configured and activated in graylog
web node section.
But when I am running:
curl '/_cat/nodes?v'
host ip heap.percent ram.percent load node.role master name
127.0.0.1 127.0.0.1 54 98 1.86 c -
graylog-
Hi Jochen, thanks for the reply.
I'm actually looking for specific messages from different processes.
"Cumbersome" was probably the wrong word to describe using contains(), I
just wanted to be sure I was using the best statements to match messages
before I wrote rules for the whole environment.
Hi Joe,
Graylog 2.0.2 should show the following version in the footer of the
Graylog web interface: Graylog 2.0.2 (4da1379)
From the output you've posted it looks as if you've installed the
"graylog-server" package for the first time (it's marked as NEW). Are you
sure that you've been using t
Following instructions
on
http://docs.graylog.org/en/2.0/pages/installation/operating_system_packages.html
Installed 2.0.2 but in web console page footer it says:
Graylog 2.0.1 (81e0187) on graylog (Oracle Corporation 1.8.0_77 on Linux
3.13.0-85-generic)
Is this expected?
*ubuntu@graylog:
Every time we perform graylog-ctl restart four more unassigned shards
appear:
Elasticsearch cluster is yellow. Shards: 20 active, 0 initializing, 0
relocating, 8 unassigned
graylog-ctl restart
Elasticsearch cluster is yellow. Shards: 20 active, 0 initializing, 0
relocating, 12 unassigned
Etc.
Hej Joe,
the main problem is - we can’t decide if it is ok for you that you
lost some messages or not.
If losing messages is fine for you just let it run. If you want to
keep all messages your application and server send over to graylog you
should check your elasticsearch cluster.
This is what t
Hi ,
I'm trying to integrate Oracle DB with Graylog2. I got a problem with this
integration. To make this integration you need to open the audit OS trail option
in the Oracle database. When you have done it, the DB sends all of the logs to syslog, then I
can receive these logs to Graylog2, there is no problem.
But
Hi ,
I'm trying to integrate Oracle DB and Graylog2 and I got a problem with
this integration. To make this integration you need to open the audit trail
option to OS level in the Oracle database. When you have done it, the DB sends all of the logs
to syslog, then I can receive these logs to Graylog2.
But in Oracle Datab
Hi ,
I have got an Oracle database and I set the audit_trail option to os in my Oracle
database. I can receive Oracle logs from Graylog 2, there is no problem. What
I want is to receive the extended log from Oracle DB. But Oracle DB only supports
extended log with xml file or db, not os.
Due to this problem I can't
Thank you, but you might want to revise that.
localhost isn't enough, you need to be able to specify normal proxy
exclusions, like .domain. If you have multiple graylog servers they should
not use proxy to communicate.
Brgds. Martin
On Monday, 30 May 2016 14:30:02 UTC+2, Dennis Oelkers wrote:
>
Hey Martin,
we have now implemented a function to disable the proxy for requests going to
localhost. It is already merged and will be included in the next release of
Graylog.
Thanks for your support,
D.
> On 27.05.2016, at 12:19, Dennis Oelkers wrote:
>
>> On 27.05.2016, at 10:18, Ma
Hi Jochen,
I installed one of the GUI Admin tools (MongoVue). Perfect. In Collections,
ldap_settings, I found 4 lines of settings. I deleted all of them and
configured LDAP through the web GUI. Now it works.
Wolfgang
On Monday, 30 May 2016 11:39:38 UTC+2, Jochen Schalanda wrote:
>
> Hi Wolfgang,
>
>
My Setup is very straightforward - Installed Graylog 2.0 EC2 image on
amazon AWS.
Graylog image is all-in-one image with Elasticsearch and Graylog server.
When I asked previously in this forum if this is a Graylog-specific problem I
got no response. So I am asking as if it's not specific to Image.
Hi Chad,
if you're simply looking for "SomeProc" inside the "message" field, why not
use the contains() function? Why would that be more cumbersome?
Cheers,
Jochen
On Wednesday, 25 May 2016 23:18:20 UTC+2, Chad Sheets wrote:
>
> I'm attempting to drop messages according to regular expressions a
Hi Wolfgang,
please take a look at these chapters from the MongoDB documentation:
- https://docs.mongodb.com/getting-started/shell/client/
- https://docs.mongodb.com/manual/mongo/
- https://docs.mongodb.com/manual/reference/method/db.collection.find/
- e. g. db.ldap_settings.find().pr
Hi Miro,
you can use the Graylog REST API to add/remove/modify rules and pipelines,
that's what the Graylog web interface is doing too.
Cheers,
Jochen
On Thursday, 26 May 2016 10:58:04 UTC+2, Miro K wrote:
>
> Hi Jochen,
>
> thanks a lot for your answer. It seems pipelines/rules can do the same
Hi Robert,
please try deleting the "user_redacted" user (either in the web interface
on the System -> Users page or in MongoDB in the "users" collection).
Cheers,
Jochen
On Saturday, 28 May 2016 02:34:54 UTC+2, Robert Hough wrote:
>
> 2016-05-28T00:28:12.333Z ERROR [LdapUserAuthenticator] Error
Hi,
the list of involved hosts in the cluster is stored and distributed via
Etcd. It's organized like a directory tree, so you can do:
'/opt/graylog/embedded/bin/etcdctl ls'
or '/opt/graylog/embedded/bin/etcdctl ls servers' to see all graylog
servers.
To delete an entry use the rm command: '/opt
Hi,
you can configure the email transport settings in the AMI using the
graylog-ctl script and the set-email-config command
(see
http://docs.graylog.org/en/2.0/pages/installation/graylog_ctl.html#configuration-commands
for details).
Cheers,
Jochen
On Friday, 27 May 2016 11:32:43 UTC+2, rvb
Hi Dennis,
I've opened the issue:
https://github.com/Graylog2/graylog2-server/issues/2306
Thank you
Lukas
On Monday, 30 May 2016 10:46:59 UTC+2, Lukas Fenner wrote:
>
> Hello All,
>
> I'm running on Graylog Server 2.0.2 with ES 2.3.3.
>
> When I try to get 5 Messages with offset 1 it fails w
Hey Todd,
what you can do at the moment is that you define streams for each input
(adding rules so that only the messages of this input are routed into the
stream) and then define the users to be readers for the corresponding streams.
Kr,
D.
> On 27.05.2016, at 17:22, Todd Bryant wro
Hey Rakesh,
thanks for contacting us. Could you please provide a short overview of the rules
you have configured for your stream and the alert conditions which are not
triggered after a while? Do you see anything in your server log?
Kr,
D.
> On 30.05.2016, at 10:42, Rakesh R wrote:
>
Hey Lukas,
thanks for reporting this. Could you please open an issue on github for this?
(https://github.com/Graylog2/graylog2-server/issues/new)
We will investigate if this is a bug and possibly provide a fix for this.
Kr,
D.
> On 30.05.2016, at 10:46, Lukas Fenner wrote:
>
> Hello A
Hi Sanhegi,
do you see any errors in the nxlog_stdout/stderr files under
/var/log/graylog/collector-sidecar? It could be that you started nxlog on
port 514 and there is another syslog already listening or something like
that? Are you sure that the firewall syslog messages can be processed by
nxlog,
Hello All,
I'm running on Graylog Server 2.0.2 with ES 2.3.3.
When I try to get 5 Messages with offset 1 it fails with error:
{ "query": "facility:TEST", "begin_column": null, "begin_line": null, "
end_column": null, "end_line": null, "message": "Unable to execute search",
"exception_name":
Hi, I didn't want to use a file as input. When I choose UDP as input in the
graylog web interface, I supposed I will get all the UDP log from 0.0.0.0
On Monday, 30 May 2016 10:22:07 UTC+2, Jochen Schalanda wrote:
>
> Hi,
>
> the firewall logs are probably written to a different file. nxlog sim
Hi,
Graylog is setup properly and there seems to be some issue with the
alerts being triggered. Test mails are working fine. The alerts are
triggered from the streams when the server is restarted and after some time
the alerts are not triggered. I have checked the configuration and
every
Hi,
I have two networks. If I send directly from syslog I might lose some logs
when the network goes down
On Monday, 30 May 2016 10:21:51 UTC+2, Jan Doberstein wrote:
>
> Hello Person with no name,
>
>
> On 30 May 2016 at 09:55:38, sangh (sanhegi.manel@gmail.com) wrote:
> > the log of the
Hi,
you're missing a blank between --port and 587.
Cheers,
Jochen
On Thursday, 26 May 2016 12:53:53 UTC+2, rvb n wrote:
>
> This command showing the attached error. pls help
>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe fr
Hi,
what's your current configuration for the email transport?
Cheers,
Jochen
On Thursday, 26 May 2016 15:14:43 UTC+2, rvb n wrote:
>
>
> Hi
>
> Please find the attachment. I am getting this error while send test mail
> pls advice
>
> On Thursday, May 26, 2016 at 2:21:17 PM UTC+5:30, rvb n
Hej Joe,
On 28 May 2016 at 13:39:44, Joe K (roman.roan@gmail.com) wrote:
> We have message in console: *"Uncommited messages deleted from journal"*
>
> > Uncommited messages deleted from journal
> > Some messages were deleted from the Graylog journal before they could be
> > writ
Hi Jochen, I'm not trained with MongoDB, so what do I have to do for looking,
changing or deleting the "ldap_settings" collection in MongoDB? Searched in
graylog help, but can't find anything.
Wolfgang
On Wednesday, 25 May 2016 07:48:44 UTC+2, Leittechnik SUN wrote:
>
> hi,
> after upgrading from gray
Hi,
yes, you need to run graylog-ctl reconfigure if you changed any settings,
including setting the admin password.
Cheers,
Jochen
On Monday, 30 May 2016 08:44:28 UTC+2, Leittechnik SUN wrote:
>
> ok, really simple, I'm able to set the password now. And after setting the
> new password ist nece
Hi,
the firewall logs are probably written to a different file. nxlog simply
follows text files and sends their contents to Graylog, so you need to add
the log file containing the firewall logs to the nxlog configuration.
Cheers,
Jochen
On Monday, 30 May 2016 09:55:36 UTC+2, sangh wrote:
>
> t
Hello Person with no name,
On 30 May 2016 at 09:55:38, sangh (sanhegi.manel@gmail.com) wrote:
> the log of the firewall I send them to Machine A.
> I install on Machine A nxlog and collector side car
you know that you can send in syslog direct to graylog, or?
http://docs.graylog.or
Hej,
On 30 May 2016 at 00:53:15, Nevalystha Pingkan Dumanauw
(nevalystha...@gmail.com) wrote:
> I am new in Graylog. Actually, my company is planning to use Graylog as a
> log management system. We have installed it in our server, but when we run
> it, Graylog has consumed the server's CPU & me
the log of the firewall I send them to Machine A.
I install on Machine A nxlog and collector side car
On graylog Web interface, I configure input so I can get log of 0.0.0.0.
However I don't receive the firewall log on the graylog server
I do receive them on machine A but they are not sent to gra
Hej,
you can / need to set the indices rotation in the web interface to
have log rotation.
How can you extend your root partition? It depends on your Setup and
used Software.
But, please follow point 3.1.1 of RFC1855 (https://tools.ietf.org/html/rfc1855)
thank you
Jan
On 30 May 2016 at 05:0
Hej,
sorry can you please write your question in other words? I did not get it.
thx
Jan
On 30 May 2016 at 09:33:06, sangh (sanhegi.ma...@gmail.com) wrote:
> I am using collector side car on linux I can get the machine log however I
> don't for the firewall log that I forward to my Nxlog mach
I am using collector side car on linux I can get the machine log however I
don't for the firewall log that I forward to my Nxlog machine ??
45 matches