[graylog2] Re: Adding Graylog node

2017-01-11 Thread BKeep
What was the solution? Adding your solution may help other who come looking to solve a problem. On Wednesday, January 11, 2017 at 2:45:08 PM UTC-6, Matt Antil wrote: > > I did end up finally finding a solution. Thank you a bunch for your > reply though. > > On Wednesday, January 11, 2017 at 2:

Re: [graylog2] Re: Search not returning anything

2017-01-11 Thread Joi Owen
I believe this is related to how the indexer splits the message data apart into tokens for storage. The search expects to match against complete tokens if you don't use a wildcard in your search pattern. If I were going to look into this for our devs, I'd probably create an extractor to regexp ma

[graylog2] Re: Adding Graylog node

2017-01-11 Thread Matt Antil
I did end up finally finding a solution. Thank you a bunch for your reply though. On Wednesday, January 11, 2017 at 2:35:57 AM UTC-6, Jochen Schalanda wrote: > > Hi Matt, > > please refer to the Graylog documentation about multi-node setups: > http://docs.graylog.org/en/2.1/pages/configuration

[graylog2] Re: Search not returning anything

2017-01-11 Thread Mic
Nobody has this problem ? On Monday, August 1, 2016 at 11:30:59 AM UTC-4, Mic wrote: > > Hello, we are indexing our stackTrace in the Message part of graylog. > > But whenever I want to search in it, it`s really difficult to have a > result. I need to have the exact package name. > > Do I need t

[graylog2] Re: Split message without drools

2017-01-11 Thread Evgueni Gordienko
Thanks for update - when is 2.2 release due? This is my use case(s): I have a record of format [TimeStamp] cpu_percent= I have extractor 'cpu_percent' which I use for local dashboard but I also need aggregated data (average cpu_percent for the last 10 min) to be sent to upstream time series d

[graylog2] Graylog doesn't process anymore.

2017-01-11 Thread Leonardo D'Angelo Gonçalves
Hi, everyone! I have a graylog server and yesterday the filesystem where graylog lives become full, so I resized the filesystem and restart graylog, elasticsearch, etc... But graylog only receive messages and don't process anything.The journal contains *2.001,289 unprocessed messages* and this

[graylog2] Re: Graylog - Linux Clients Timezone

2017-01-11 Thread Leonardo D'Angelo Gonçalves
Hi, I followed that link (see below) and I added the RFC format on my rsyslog.conf, and works like a charm... Thanks!!! https://github.com/Graylog2/graylog-guide-syslog-linux#readme

[graylog2] Re: Installing Graylog on Ubuntu

2017-01-11 Thread Hyder
hi, Yes, just figured that out! many thanks:) Regards, Hyder On Wednesday, January 11, 2017 at 11:11:38 AM UTC, Jochen Schalanda wrote: > > Hi, > > your MongoDB server isn't running or isn't accessible for Graylog. > > Cheers, > Jochen > > On Wednesday, 11 January 2017 12:06:47 UTC+1, Hyder wro

[graylog2] Re: Installing Graylog on Ubuntu

2017-01-11 Thread Jochen Schalanda
Hi, your MongoDB server isn't running or isn't accessible for Graylog. Cheers, Jochen On Wednesday, 11 January 2017 12:06:47 UTC+1, Hyder wrote: > > Hello, > > So I have followed the instructions on this link > which > is all d

[graylog2] Installing Graylog on Ubuntu

2017-01-11 Thread Hyder
Hello, So I have followed the instructions on this link which is all done and completed. However I can not access the web interface. I've set the configuration as required (from what i understood) but it does not work. I have

[graylog2] Re: NGINX Proxy reports "upstream response is buffered to a temporary file" erros when accessing Graylog

2017-01-11 Thread Jochen Schalanda
Hi Jan, the warning message simply means that the response is larger than the internal nginx buffer to store upstream responses. You can configure this buffer in your nginx configuration with the client_body_buffer_size

[graylog2] Re: Split message without drools

2017-01-11 Thread Jochen Schalanda
Hi Evgueni, On Wednesday, 11 January 2017 01:01:57 UTC+1, Evgueni Gordienko wrote: > > I us 2.1.2 GL and need to split message by spaces and then split second > item in result by '='. > I can not find split in my release of GL. > The split() function was only added to Graylog 2.2.0: https://git

[graylog2] Re: Filebeats collector only one output or multiple extractors on the same input

2017-01-11 Thread Jochen Schalanda
Hi Bryan, each message from Filebeats includes the name of the file it was read from (in the "file" message field), so you could simply create extractors or pipeline rules to handle these differently. If you want to run multiple Filebeats instances, that's also possible but the Graylog Collect

[graylog2] Re: Adding Graylog node

2017-01-11 Thread Jochen Schalanda
Hi Matt, please refer to the Graylog documentation about multi-node setups: http://docs.graylog.org/en/2.1/pages/configuration/multinode_setup.html Cheers, Jochen On Tuesday, 10 January 2017 20:59:45 UTC+1, Matt Antil wrote: > > I'm stuck. I have deployed a cluster with 1 Graylog node + 2 >