Hi Frank,
thanks for the tip "field analyze", that was the right way. Elasticsearch
uses dynamic mapping by default, as described here
https://www.elastic.co/guide/en/elasticsearch/guide/2.x/dynamic-mapping.html.
I can use different types of fixed mapping, e.g. in Elasticsearch, maybe I use
Hi Jochen, You're right but there is another problem
I have tried to enable rest_transport_uri with "public IP" but it couldn't
bind to the interface with port 9000 or 12900. I have SELinux and iptables
disabled so it's not a problem, maybe something else
# netstat -tlpn | grep java
tcp0
I looked here http://docs.graylog.org/en/2.2/pages/upgrade.html and don't
see any directions for upgrading Graylog 2.1 to 2.2. A Stackoverflow
post[1] mentions backing up /etc/gralog2.conf and simply untarring the new
graylog. Is this the correct upgrade path? I've already posted this
Graylog Team,
Congratulations on the release of 2.2.0. Can't wait to take it for a spin!
:-)
-Bill
On Tuesday, February 14, 2017 at 5:07:13 AM UTC-10, Jochen Schalanda wrote:
>
> Hi everyone,
>
> I'm proud to announce the GA release of Graylog 2.2.0!
>
> We've put a lot of work into this
Hello Graylog Users,
We're seeing a strange issue with our Graylog deployment. Things generally
seem to work fine, except that on average once a day our ElasticSearch
cluster will go yellow or red. We have our nodes distributed across two
datacenters and the issue seems to happen following a
Thanks Jochen.
I'm looking at graylog pipelines docs, but I think I'm really confused :-/
I've created a pipeline with one rule that extracts key=value pairs:
rule "Extract K=V"
when true
then
set_fields(key_value(to_string($message.message)));
end
Then I've created a stream of messages,
Hi everyone,
I'm proud to announce the GA release of Graylog 2.2.0!
We've put a lot of work into this release to bring you interesting features
like improved retention and rotation (index sets) and enhanced alerting.
You can find the release notes for Graylog 2.2.0 at:
Hi Rui,
On Tuesday, 14 February 2017 13:15:13 UTC+1, Rui Goncalves wrote:
>
> Why is it not possible to remove a field from the received message using
> extractors?
>
This was a deliberate decision at the time to prevent people from wondering
why some field didn't exist anymore due to stacked
Hi all.
I'm receiving messages following the pattern key=value. I'd like to set the
value of two of the received keys on graylog standard fields, namely
"message" and "timestamp" and discard the original fields completely.
I can use the "key=value" converter, then "copy" the original field's
On Monday, 13 February 2017, 23:54:41, celtar wrote:
> agent = (Original Message) : "Mozilla/5.0 (compatible; Googlebot/2.1;
> +http://www.google.com/bot.html)"
> 1. Search = Input AND agent:*Googlebot* = result none found
> 2. Search = Input AND agent:*Googleb* = result none found
> 3.
Hi,
I found it. I have to use Extractors.
http://docs.graylog.org/en/2.1/pages/extractors.html
Thx
john celtar
On Tuesday, 14 February 2017 08:54:42 UTC+1, celtar wrote:
>
> Hi,
>
> we use graylog 2.1.2 with the apache-gelf Module from the marketplace.
>
> If we try to search "Googlebot" in