[graylog2] amqp input vs zeromq plugin

2017-01-06 Thread Richard S. Westmoreland
What is different about the ZeroMQ plugin, as opposed to using the available AMQP input option? Are they not compatible?

Re: [graylog2] Re: Force use of IP address

2017-01-06 Thread Joi Owen
As far as I know, none of our servers are using 0.0.0.0. That just tells the network stack to open listen sockets on all available interfaces, so who knows which one java will actually use? We only specify actual IPs of the Interface we want Java to be using for ES and Graylog. On Fri, Jan 6,

[graylog2] Re: Force use of IP address

2017-01-06 Thread lschroth
Did you change your master server from 0.0.0.0? On Friday, January 6, 2017 at 4:05:04 PM UTC-6, lsch...@palatine.il.us wrote: > > The machine I am setting up for a graylog server has two interfaces, one > for public access, the other to my iscsi disks. When I start graylog and > try to login,

Re: [graylog2] Force use of IP address

2017-01-06 Thread Joi Owen
In your server.conf file, configure your rest_listen and web_listen to use specific IP addresses, not 0.0.0.0. We run our graylog and elasticsearch nodes with multiple interfaces for similar reasons and we just hard-code the nodes' IP addresses in the conf file. We never have the issue you're

[graylog2] Force use of IP address

2017-01-06 Thread lschroth
The machine I am setting up for a graylog server has two interfaces, one for public access, the other to my iscsi disks. When I start graylog and try to login, it gives me an error that my api is not reachable and shows me my iscsi adapter address (we do not route our subnet for iscsi) I have

[graylog2] winlogbeats and graylog

2017-01-06 Thread Jiří Kolb
Hello, First I would like to thank this community for prompt answers. I would like to capture logs from windows. I installed winlogbeats and configured beats input on graylog. I can see that connection is established, but I receive no answer. I used wireshark and curl to debug this, but for

[graylog2] Re: Pipeline - Stream - Syslog output and customized messages

2017-01-06 Thread Frank
Thanks for your reply, but that's not what I'm trying to do. I've got a pipeline with some rules that add some fields and remove some fields. The pipeline is connected to a custom stream, not the default stream. But so far everything is ok. In the stream the messages look exactly like they

[graylog2] Re: Pipeline - Stream - Syslog output and customized messages

2017-01-06 Thread dheffem
On Friday, January 6, 2017 at 6:33:17 AM UTC-6, Frank wrote: > > > Plain shows the message without the fields that should be removed, but > also without the added custom fields. > Full and structured show the message with the custom fields, but also with > all fields that should be removed. >

Re: [graylog2] Re: Very low message throughput after upgrading from GL 1.3.4/ES 1.7.1 to GL2.1.1/ES 2.3.5 + Error messages

2017-01-06 Thread Robert Messner
Jochen, given the issues with remote storage for the journal... Do you recommend high volume nodes be physical? I run into issues with my receiving nodes where once a node has significant messages in the journal it can take considerable time to recover. Often during these periods the system in

Re: [graylog2] Graylog stopped working

2017-01-06 Thread cypherbit
Hi, thanks for everything all, clear. Cheers! On Friday, January 6, 2017 at 1:50:54 PM UTC+1, Jochen Schalanda wrote: > Hi, > > On Friday, 6 January 2017 05:00:52 UTC+1, cyph...@gmail.com wrote: >> >> One last question, how can I prevent running out of space. >> > > The simple (and correct)

[graylog2] Re: graylog REST: All messages from stream or from specific server

2017-01-06 Thread Jochen Schalanda
Hi Till, On Friday, 6 January 2017 11:43:32 UTC+1, Till Brinkmann wrote: > > But I do not understand how to get all messages in a certain time range > from the stream. > > Is that possible via the REST ? > Yes, that's possible. Simply use the /search/universal/absolute resource in the Graylog

[graylog2] Re: Graylog log sources

2017-01-06 Thread Jochen Schalanda
Hi Jiří, On Friday, 6 January 2017 08:50:47 UTC+1, Jiří Kolb wrote: > > How to captures logs that are stored on database systems? Is there any > collector for it? > This completely depends on the database you're using. Logstash's JDBC input might be a good start:

Re: [graylog2] Graylog stopped working

2017-01-06 Thread Jochen Schalanda
Hi, On Friday, 6 January 2017 05:00:52 UTC+1, cyph...@gmail.com wrote: > > One last question, how can I prevent running out of space. > The simple (and correct) answer is: Monitor your disk space usage and send a notification if you start running out of disk space. Also see

[graylog2] Re: Multi tenancy

2017-01-06 Thread Jochen Schalanda
Hi Jiří, Graylog itself doesn't support multitenancy, but it's fairly easy to automatically set-up a Graylog cluster using the official Chef/Puppet/Ansible modules or the virtual machine image (OVA). But maybe the streams functionality of Graylog is already sufficient for your use cases:

[graylog2] Pipeline - Stream - Syslog output and customized messages

2017-01-06 Thread Frank
Hi, I created a pipeline with some rules that add custom fields and remove other fields. The pipeline is connected to a stream, and there everything looks fine. My custom fields are present, and the other ones are removed. This stream is connected to a syslog output, which sends the messages to

[graylog2] Re: Combining pipeline and output

2017-01-06 Thread Frank
If I understand your question correctly, you have to connect an output to your stream. On the Streams page look for "Manage Outputs". I just did this with a syslog output, and it works to some extent. On Friday, January 6, 2017 at 2:37:03 AM UTC+1, Evgueni Gordienko wrote: > > > For my stream in

[graylog2] Re: Very low message throughput after upgrading from GL 1.3.4/ES 1.7.1 to GL2.1.1/ES 2.3.5 + Error messages

2017-01-06 Thread Jerri Son
To share some more insights and describe how I managed to get Graylog to perform better: Grok patterns are very costly as mentioned earlier so I went ahead and looked for a solution that better indexed those custom logs (in my case sidewinder firewall SEF-format) than having an input with ~ 12

[graylog2] Re: Very low message throughput after upgrading from GL 1.3.4/ES 1.7.1 to GL2.1.1/ES 2.3.5 + Error messages

2017-01-06 Thread Jerri Son
Hi Jochen, in enterprise environments you don't use SAN for network mounted drives - they become the sole disk infrastructure for your virtual appliances run on (with fibrechannel in our case or iSCSI or FCoE in other cases). The i/o usually feels and acts like local disk mounted volumes. The

[graylog2] Re: Added BRO IDS Logs content pack on the marketplace

2017-01-06 Thread SawWinn Naung
Thanks for your reply On Thursday, January 5, 2017 at 9:19:08 PM UTC+6:30, BKeep wrote: > > This won't work in v2.1.2 without some modification since it was created > using a newer version of graylog. You must be running *Graylog v2.2.0 or > later* because of using the split function in the

[graylog2] graylog REST: All messages from stream or from specific server

2017-01-06 Thread Till Brinkmann
Hi there, We gather internal dns request in graylog and visualize them on a dashboard. I need to compare data from that stream. My first idea is to use the REST api and a shell script. But I do not understand how to get all messages in a certain time range from the stream. Is that possible

[graylog2] Re: Graylog Docker container and SMTP configuraiton

2017-01-06 Thread Donal
Thanks Jochen, Actually my problem was solved more simply than that. Turns out I missed the editable field in the Alerts callback which allowed me to change the address. D'oh! Our mail server is Linux based, so this worked fine afterwards. Thanks for the reply On Thursday, 5 January 2017