[graylog2] Re: Search in Graylog always returns 0 hit

2016-12-28 Thread Wanjun Wang
nm. It's because the index date ranges are not automatically updated. On Wednesday, December 28, 2016 at 6:05:29 PM UTC-5, Wanjun Wang wrote: > > Search in Graylog always returns 0 hit. If I copy the Elasticsearch query > from Graylog and run it in Kibana Sense, it returns hits fine. There is

[graylog2] Graylog - Edit extractor - Slow

2016-12-28 Thread Drew Miranda
What version are you running? I believe there was a bug with the gzip compression used in the REST API output which has since been resolved in the current version. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group

[graylog2] Search in Graylog always returns 0 hit

2016-12-28 Thread Drew Miranda
Can you verify the time is synced on any Graylog nodes (via NTP)? Does changing the time range work (e.g. all messages)? Is it a relative or absolute time range that is empty?

[graylog2] Search in Graylog always returns 0 hit

2016-12-28 Thread Wanjun Wang
Search in Graylog always returns 0 hit. If I copy the Elasticsearch query from Graylog and run it in Kibana Sense, it returns hits fine. There is no exception in server.log. Is there any debug trace to see where Graylog sends the query? Thanks.

Re: [graylog2] Graylog stopped working

2016-12-28 Thread Edmundo Alvarez
This documentation page covers how to extend the disk space in the OVA: http://docs.graylog.org/en/2.1/pages/configuration/graylog_ctl.html#extend-disk-space Please note that Graylog's journal is sometimes corrupted when it runs out of disk space. In that case you may need to delete the journal

Re: [graylog2] Graylog stopped working

2016-12-28 Thread cypherbit
Thank you Edmundo. It appears we ran out of space.
df -h
Filesystem Size Used Avail Use% Mounted on
udev 1.5G 4.0K 1.5G 1% /dev
tmpfs 300M 388K 300M 1% /run
/dev/dm-0 15G 15G 0 100% /
none 4.0K 0 4.0K 0% /sys/fs/cgroup
none

[graylog2] Re: [SearchResource] Unable to execute search: all shards failed

2016-12-28 Thread mrigotto
OK, sorry for my stupid question. I found my answer. It seems that Elasticsearch 2.3.5 is the only version supported with Graylog 2.1.x. I uninstalled my Elasticsearch version 2.4.3, deleted all the files remaining in /var/lib/elasticsearch/ and reinstalled the 2.3.5 version and the problem is

Re: [graylog2] Re: 30% CPU usage

2016-12-28 Thread Stefano Tranquillini
this is what i get from the api call http://pastebin.com/rEnubNbk On Wed, Dec 28, 2016 at 12:55 PM, Jochen Schalanda wrote: > Hi Stefano, > > you could take a look at the thread dump of that Graylog instance via the > /system/threaddump resource of the Graylog REST API or

Re: [graylog2] Grok patterns list is empty

2016-12-28 Thread David Raison
It was installed using your puppet module. And I think it's been 2.1.2 from the start. Best regards, David On December 28, 2016 2:01:30 PM GMT+01:00, Edmundo Alvarez wrote: >Good to read you solved the issue :-) > >We ship some common patterns as part of the base

Re: [graylog2] Grok patterns list is empty

2016-12-28 Thread Edmundo Alvarez
Good to read you solved the issue :-) We ship some common patterns as part of the base installation, I am not sure why they were not present in your case. How did you install Graylog? Also, was it an upgrade from a previous version? This information will allow us to further investigate if this

Re: [graylog2] Grok patterns list is empty

2016-12-28 Thread David Raison
On 28/12/16 13:38, David Raison wrote: > Ha, that seems to be the problem. I don't have such a collection at all. > However, the patterns seem to be in content_packs, but not used on the > frontend. Oook. So after importing the content pack, navigate to System > Content Packs and actually

Re: [graylog2] Grok patterns list is empty

2016-12-28 Thread David Raison
On 28/12/16 10:50, Edmundo Alvarez wrote: > I would start by checking if the grok patterns got stored in the database. > Could you please check if there are some documents in the "grok_patterns" > collection inside the MongoDB database you use for Graylog? Ha, that seems to be the problem. I

[graylog2] [SearchResource] Unable to execute search: all shards failed

2016-12-28 Thread mrigotto
Dear all, I just did a fresh install of Graylog / MongoDB / Elasticsearch on a Debian 7 server.
- Graylog Version: 2.1.2-1
- Elasticsearch Version: 2.4.3
- MongoDB Version: 3.2.11
- Operating System: Debian 7 (SMP Debian 3.16.7-ckt20-1+deb8u1)
- Browser version: Chrome Version

[graylog2] Re: !!! Please Help, service port 9000 cannot start

2016-12-28 Thread Jochen Schalanda
Hi, please check the logs of Graylog and the related services in the virtual machine for error messages. See http://docs.graylog.org/en/2.1/pages/configuration/file_location.html#omnibus-package for a list of default file locations in the OVA. Cheers, Jochen On Tuesday, 27 December 2016

[graylog2] Re: Creating multiple dashboards for multiple servers' logs

2016-12-28 Thread Jochen Schalanda
Hi Harsh, you could probably use content packs for this, see the *System / Content packs* page in your Graylog web interface. Cheers, Jochen On Monday, 26 December 2016 08:09:55 UTC+1, Harsh Choudhary wrote: > > Hi > > I have a lot of servers in a cluster and I want to collect logs from all >

[graylog2] Re: 30% CPU usage

2016-12-28 Thread Jochen Schalanda
Hi Stefano, you could take a look at the thread dump of that Graylog instance via the /system/threaddump resource of the Graylog REST API or attach a profiler like VisualVM to the Java process. Cheers, Jochen On Wednesday, 28 December 2016 12:33:21 UTC+1, Stefano

[graylog2] 30% CPU usage

2016-12-28 Thread Stefano Tranquillini
Hi all, I'm experiencing a strange thing with a deployment of Graylog. Basically, after a while that it's started Graylog keeps using 30% of the CPU without any specific reason. I've two systems that have pretty much the same load and configuration. In one Graylog uses less than 5% in the

Re: [graylog2] Grok patterns list is empty

2016-12-28 Thread Edmundo Alvarez
Hi David, I would start by checking if the grok patterns got stored in the database. Could you please check if there are some documents in the "grok_patterns" collection inside the MongoDB database you use for Graylog? Additionally, which Graylog version are you using? A link to the grok

[graylog2] Grok patterns list is empty

2016-12-28 Thread David Raison
Hi, I'm running two graylog instances and on one of them, the list of grok patterns is empty, just displaying "No data available." I've tried importing the default patterns from the marketplace, the import succeeds, but the result is the same, still "No data available". This also means I

Re: [graylog2] Graylog stopped working

2016-12-28 Thread Edmundo Alvarez
Hello, I would start by looking into your logs in /var/log/graylog, especially those in the "server" folder, which may give you some errors to start debugging the issue. Hope that helps. Regards, Edmundo > On 27 Dec 2016, at 20:55, cypher...@gmail.com wrote: > > We've been using Graylog OVA