[graylog2] missing alerts menu

2017-02-09 Thread Wallace Turner
My (latest) Graylog installation is missing the 'Alerts' menu item. I'm trying to add/view the alerts. The docs at this page indicate

[graylog2] Re: graylog api not working for gelf - 404

2017-02-09 Thread Wallace Turner
All good, I figured it out after posting. I had to add an input (System -> Input -> Launch new Input) which listened on port 12201. Working now, RTFM. On Friday, 10 February 2017 07:57:30 UTC+8, Wallace Turner wrote: > > I am sending a log message to the api > > POST http://192.168.0.9:9000/gelf

[graylog2] graylog api not working for gelf - 404

2017-02-09 Thread Wallace Turner
I am sending a log message to the api POST http://192.168.0.9:9000/gelf HTTP/1.1 Authorization: Basic YWRtaW46YWRtaW4= Content-Type: application/json; charset=utf-8 Host: 192.168.0.9:9000 Content-Length: 396 Connection: Keep-Alive { "facility": "RandomPhrases", "file": "?", "host": "DESKTO

[graylog2] Does graylog automatically detect duplicate messages on ingest?

2017-02-09 Thread Matthew Shapiro
I am evaluating Graylog in order for us to manage both log analysis and alerts for our applications. Right now our Azure web applications are writing structured logs (in JSON) into file storage and I am trying to get those logs into Graylog. I created an input, ingested some logs, then created

[graylog2] Query to get report for number of logon attempts??

2017-02-09 Thread mark . a . lindquist
I am NEW to Debian and barely got through the GrayLog 2 installation (alive). It is up and running and working. I need to get good data from this but I seem to be missing HOW. I have read the graylog documentation and have used it to create some generic "reports" and added to the "Dashboard"

[graylog2] Re: Monitoring Windows DHCP Server Activity

2017-02-09 Thread Rob Repp
The files are definitely updating. One interesting thing, I tried to establish this by just tailing the file with both Notepad++ and with a freeware "tail" utility for Windows and it never updated. I had to manually reload the file to see any changes. Further, I never saw any update in the file

[graylog2] Re: GrayLog 2.1.3 - Error injecting constructor, java.lang.NullPointerException

2017-02-09 Thread David Casey
Just upgraded to 2.2.0 and it's working. Disregard! On Thursday, February 9, 2017 at 11:02:21 AM UTC-7, David Casey wrote: > > I'm having a heck of a time getting GrayLog to start up the web interface > part. The service starts up fine but the web interface never shows up. > I'm seeing the fo

[graylog2] GrayLog 2.1.3 - Error injecting constructor, java.lang.NullPointerException

2017-02-09 Thread David Casey
I'm having a heck of a time getting GrayLog to start up the web interface part. The service starts up fine but the web interface never shows up. I'm seeing the following error in the server.log file: 2017-02-09T09:57:57.568-07:00 INFO [CmdLineTool] Loaded plugin: Elastic Beats Input 1.1.5 [o

[graylog2] Re: Graylog is ignoring some UDP packets sent by a particular host

2017-02-09 Thread IJFK
Maybe you ran into the same issue I had, the time difference. Is the time set correctly on the router and does it match the Graylog server? If it works when you are relaying through another device, then that device may update the timestamp and make it work. I'm obviously a greenhorn but it may

[graylog2] Re: Incoming Gelf UDP messages not showing up

2017-02-09 Thread IJFK
I think I have an idea as to what is going on, it looks to be a time zone / time issue. The packets were formatted correctly, hence no parsing errors. I was able to verify that by sending malformed packets and observing parsing errors. However the packets sent by the test app seem to have been

[graylog2] Re: collect logs from remote machine

2017-02-09 Thread Jochen Schalanda
Hi Wallace, On Thursday, 9 February 2017 12:20:26 UTC+1, Wallace Turner wrote: > > Hi Jochen, so you need to install Sidecar (and then possibly nxlog) on each > machine you want to watch a logfile? > You can use any other means of shipping the logs from your systems to Graylog that you like. You

[graylog2] Re: How to parse OpenVPN logs in Graylog?

2017-02-09 Thread Jochen Schalanda
Hi César, first you have to ship the logs to your Graylog server, either by forwarding the messages via your syslog daemon on that system or by reading from a log file on that system. See http://docs.graylog.org/en/2.2/pages/sending_data.html and http://docs.graylog.org/en/2.2/pages/collector_

[graylog2] Re: Graylog is ignoring some UDP packets sent by a particular host

2017-02-09 Thread tomaszikasperczyk
On Thursday, February 9, 2017 at 10:00:49 AM UTC+1, Jochen Schalanda wrote: > > Hi, > > Graylog itself doesn't care where the packets are coming from. > > Is the routing to Graylog working for the "ignored" host? > Is the networking set up correctly on all hosts? > Are there any firewall rules in

[graylog2] Re: collect logs from remote machine

2017-02-09 Thread Wallace Turner
Hi Jochen, so you need to install Sidecar (and then possibly nxlog) on each machine you want to watch a logfile? On Thursday, 9 February 2017 16:43:28 UTC+8, Jochen Schalanda wrote: > > Hi Wallace, > > On Thursday, 9 February 2017 06:03:07 UTC+1, Wallace Turner wrote: >> >> What I am trying to do

[graylog2] How to parse OpenVPN logs in Graylog?

2017-02-09 Thread CESAR Fabre
Hi guys, I have the PfSense 2.3.2 with OpenVPN enabled. I want to parse OpenVPN logs in Graylog with Dashboards. I have no idea. Can you help me? Thanks a lot! César

[graylog2] Re: Notification condition [NO_MASTER] has been fixed.

2017-02-09 Thread Jochen Schalanda
Hi Peter, please upgrade to the latest stable version of Graylog (which is Graylog 2.1.3 at the time of writing, and soon Graylog 2.2.0) and check if it solves your problems. Cheers, Jochen On Wednesday, 8 February 2017 13:48:53 UTC+1, Peter Dudas wrote: > > Hi Jochen! > > Did you find any re

[graylog2] Re: Overwriting Timestamp field using Pipeline rules

2017-02-09 Thread Jochen Schalanda
Hi Al, you might want to try to use your pattern with lower case 'y' for the year component of the date pattern. Cheers, Jochen On Wednesday, 8 February 2017 21:09:19 UTC+1, Al Reynolds wrote: > > I've noticed another error. The timestamp field is being replaced > correctly, but the "gl2_proce

[graylog2] Re: Graylog is ignoring some UDP packets sent by a particular host

2017-02-09 Thread Jochen Schalanda
Hi, Graylog itself doesn't care where the packets are coming from. Is the routing to Graylog working for the "ignored" host? Is the networking set up correctly on all hosts? Are there any firewall rules in place? How did you configure the Syslog UDP and the Raw/Plaintext UDP inputs? Cheers, Joch

[graylog2] Re: Incoming Gelf UDP messages not showing up

2017-02-09 Thread Jochen Schalanda
Hi, On Thursday, 9 February 2017 06:54:30 UTC+1, IJFK wrote: > > I'm sending Syslog packets in Gelf format (I successfully validated the > Json), and no matter what I do, the packets don't show up. There is no > parsing error or anything, the data just doesn't show up. > How exactly are you sen

[graylog2] Re: Forward from One graylog to another

2017-02-09 Thread Jochen Schalanda
Hi Tom, On Thursday, 9 February 2017 04:46:31 UTC+1, Tom Powers wrote: > > Is there any good doc on setting up the tls on the stream output and then > the receiving side at the new graylog instance? Please refer to the documentation at http://docs.graylog.org/en/2.1/pages/streams.html#outputs

[graylog2] Re: collect logs from remote machine

2017-02-09 Thread Jochen Schalanda
Hi Wallace, On Thursday, 9 February 2017 06:03:07 UTC+1, Wallace Turner wrote: > > What I am trying to do is for Graylog to retrieve (or monitor) a log file > at a network location (Windows servers) and bring the contents of the plain > text log file to Graylog. > > Is this possible (on Windows)