[graylog2] Extract/Backup logs that Graylog received

2016-09-13 Thread WIlliam Song
Hello Guys, Is it possible to backup the log file that Graylog have received ? I want to extract one file per server (all the servers are on Windows Server) who will looks like : "Server1.2016-09-13.log"

[graylog2] Re: Graylog is increasing log's size

2016-09-13 Thread Daniel Kamiński
maybe you're indexing some unnecessary fields? try to disable less needed data, you can also strip them off with pipelines before they get processed further, also I heard that BTRFS with compression enabled works nice with ES, W dniu poniedziałek, 12 września 2016 16:56:36 UTC+2 użytkownik

[graylog2] Re: Graylog in Docker 2.1

2016-09-13 Thread Daniel Kamiński
my docker machine IP is `192.168.0.135` and i set up `GRAYLOG_REST_TRANSPORT_URI` as `http://192.168.0.135:12900` W dniu poniedziałek, 12 września 2016 15:32:00 UTC+2 użytkownik Hernán Fernández napisał: > > Hi, I've tried this without success, what IP did you use and may you also > confirm

[graylog2] Compatibility of graylog 2.1.0

2016-09-13 Thread Shrawan Bhagwat
Hi All, Can anyone please tell me which version of logstash, elasticsearch, mongodb are compatible with graylog-2.1.0.? Regards, Shrawan -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving

[graylog2] Re: How to use the "copy input" extractor for the geolocation fields ?

2016-09-13 Thread Aykisn
I created a pipeline to rename the geolocation field. Working fine. The problem now is that the field is not indexed. Is there any way it can be ? Thanks. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and

[graylog2] Re: How to use the "copy input" extractor for the geolocation fields ?

2016-09-13 Thread Aykisn
Hmm I guess I'm stucked then, because if I do that, the ip field won't exist for the GeoIp Resolver. Thanks anyway :) -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an

[graylog2] Re: How to use the "copy input" extractor for the geolocation fields ?

2016-09-13 Thread Jochen Schalanda
Hi Aykisn, the GeoIP processor probably only runs after the extractors in your setup, so that at the time the extractors are running, the rp_ip_geolocation field doesn't exist. You can change the running order on the System / Configurations / Message Processors Configuration page in the

[graylog2] How to use the "copy input" extractor for the geolocation fields ?

2016-09-13 Thread Aykisn
Hello, I want to duplicate the geolocation fields by using the copy input (to change the name of the fields) but it doesn't work unfortunately (no field is created).