[graylog2] Colors in Charts and Data Table

2016-06-27 Thread 'Joshua Humpich' via Graylog Users
Hello, is there a way to manipulate the colors of pie charts or data table views? At the moment my application log levels (info, debug, trace, error) got bad colors for the chart. The idea is to tell Graylog which log level gets which color or something. Regards, Josh

[graylog2] Adding Custom Functions for defining Rules

2016-06-27 Thread Mayur Mangalampalli
Hi, in the documentation for Graylog it is written that functions are written in Java and are pluggable, allowing extending the capabilities of Graylog. There is no place in the documentation where I could find how I could add custom functions. I also looked at the source code from the following

[graylog2] Kafka output plugin for Graylog 2.x?

2016-06-27 Thread Frederic Desjarlais
Is anyone aware of a Kafka output plugin for Graylog 2.x? If not, is Graylog itself considering creating/maintaining such a plugin in the near future? We're considering building one ourselves, but we'd like to ensure one doesn't already exist (or in the works). We didn't find such a plugin

Re: [graylog2] Having some difficulties with 3 node graylog cluster

2016-06-27 Thread Yiannis
Hi Jan, I've sent you the log file by mail. We're using LDAP authentication (actually Active Directory) but we do not face any login problems. Everything works as expected except the search button mentioned in the previous mails. Thank you for your time. Regards, Yiannis On Monday, June 27,

[graylog2] Alerting for flopping ports

2016-06-27 Thread Emil Grama
I'm new to Graylog and maybe one of you guys can help: I have in Graylog lots of events of the type application online/application offline generated by thousands of different clients. I would like to create an alert that is triggered if I get an offline from hostA and in 30 minutes I do

[graylog2] Backup of indices in Graylog 1.3

2016-06-27 Thread robertocarna36
Hi people, I have Graylog 1.3 as my syslog server. I have set up the following strategy: 10 indices; 3 days per index; delete and not close; total: 30 days of data. I want to back up the indices to a Networker EMC server, but all the indices I have in the Graylog web interface are not closed. Can

Re: [graylog2] Need some help disabling ciphers and algorithms

2016-06-27 Thread Ragnar
Ah great, I'll give that a try and report back, thanks a lot. On Monday, June 27, 2016 at 5:16:25 PM UTC+3, Marius Sturm wrote: > > Ah ok, then you can use the advanced attributes in > /etc/graylog/graylog-settings.json and modify these values: >

Re: [graylog2] Need some help disabling ciphers and algorithms

2016-06-27 Thread Ragnar
Hi Marius, Just for the web interface, our security department flagged the system as being vulnerable to Heartbleed/POODLE/DROWN etc. because SSLv2 and SSLv3 are enabled (along with weak RC4 ciphers). On Monday, June 27, 2016 at 3:59:56 PM UTC+3, Marius Sturm wrote: > > @Ragnar are you trying to

Re: [graylog2] Need some help disabling ciphers and algorithms

2016-06-27 Thread Ragnar
Hey Jan, Thanks for your reply, so if I understand correctly this is only possible (currently) for non-OVA implementations, is that correct? On Monday, June 27, 2016 at 2:46:29 PM UTC+3, Jan Doberstein wrote: > > Hej Ragnar, > > > > On 25 June 2016 at 14:13:32, Ragnar (invalid...@gmail.com )

Re: [graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

2016-06-27 Thread John
screenshots from my UI

[graylog2] Syslog messages look different between Splunk and Graylog

2016-06-27 Thread Keamas M
Hello, I am new to Graylog. I used Splunk before but I reached the space limit of Splunk. That's why I installed Graylog. I want to log firewall logs and create reports and graphs out of these logs. - How similar is the search syntax between Splunk and Graylog? Is it complicated to migrate

Re: [graylog2] Need some help disabling ciphers and algorithms

2016-06-27 Thread Marius Sturm
@Ragnar are you trying to disable the cipher algorithms for the web interface or for a log input? Because the web interface on the appliances is TLS terminated by the Nginx that is also installed. The inputs are served directly by Graylog's Java process, that would be a different setting. On 27

Re: [graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

2016-06-27 Thread John
Hi, I checked the Elasticsearch log and I don't see anything special. The cluster status is green. This is the last log file: 2016-06-26_09:51:28.78352 [2016-06-26 12:51:28,782][INFO ][node ] [Glenn Talbot] version[2.3.1], pid[953], build[bd98092/2016-04-04T12:25:05Z]

Re: [graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

2016-06-27 Thread Marius Sturm
Hi, this all boils down to an unstable Elasticsearch instance. When Graylog is not able to forward log messages to ES it buffers them on disk and tries to send them later. This is called journal. So when your ES service is not running properly the journal fills up with messages. Please take a look

Re: [graylog2] Need some help disabling ciphers and algorithms

2016-06-27 Thread Jan Doberstein
Hej Ragnar, On 25 June 2016 at 14:13:32, Ragnar (invalid.nore...@gmail.com) wrote: > Steps Tried: > 1. Created a security.properties file using the exact example > (un-commenting out the relevant lines) and put it in the > /opt/graylog/server directory > 2. Ran the command java >

[graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

2016-06-27 Thread John
1 and 4, and the Graylog server node is not sending data to Elasticsearch. I deleted the journal but it doesn't help. The problems began a few days after I upgraded from 1.3 to 2.0.2. On Monday, June 27, 2016 at 14:30:28 UTC+3, Joe K wrote: > > Which problem out of 4? > > > On Monday, June 27,

[graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

2016-06-27 Thread Joe K
Which problem out of 4? On Monday, June 27, 2016 at 2:00:14 PM UTC+3, John wrote: > > Hi Joe > I have exactly the same problem a few days after I upgraded from 1.3 to 2.0.2 > Did you manage to fix this issue? > > On Thursday, May 26, 2016 at 14:02:19 UTC+3, Joe K wrote: >> >> >> - We run it

Re: [graylog2] Having some difficulties with 3 node graylog cluster

2016-06-27 Thread Jan Doberstein
Hej Yiannis, On 24 June 2016 at 16:19:01, Yiannis (k...@stoiximan.gr) wrote: > the setup is really straightforward and never thought that I will have > difficulties but…. you are facing a strange issue. That looks like a corner-case. > > On Friday, June 24, 2016 at 10:42:21 AM UTC+2, Jan

[graylog2] Re: Anyone use Image in real world application? Graylog 2.0 image fails after few days. Is this Image problem or Graylog in general?

2016-06-27 Thread John
Hi Joe, I have exactly the same problem a few days after I upgraded from 1.3 to 2.0.2. Did you manage to fix this issue? On Thursday, May 26, 2016 at 14:02:19 UTC+3, Joe K wrote: > > > - We run it on t2.medium. (4GB RAM, 2 cores) > - About 1 incoming message per second. > - tried 2.0.0 and now

[graylog2] Re: Graylog wont send Data to Elasticsearch after Update

2016-06-27 Thread John
Hi, I have the same problem after upgrading from 1.3 to 2.0.2, with 2 error messages, "Uncommited messages deleted from journal" and "Journal utilization is too high", and I deleted the journal from all of the nodes, but it doesn't help. I still have the same error messages and Graylog server is not

[graylog2] Graylog wont send Data to Elasticsearch after Update

2016-06-27 Thread toni . frommknecht
Hi, today we updated Graylog to 2.0.3 and since then no more data was sent to Elasticsearch. We receive data but don't write it to Elasticsearch. Any idea why this could happen? Greetings! Graylog: 2016-06-27T10:26:43.744+02:00 INFO [CmdLineTool] Loaded plugin: Elastic Beats Input