[graylog2] What is this message ID actually called?

I cannot seem to search for "49ff64f1-81ca-11e6-bb22-bc764e119bb9" to find this message but as the screen shot shows, it's there.

[graylog2] Sending a link to the log entry that triggered an alert.

I'm using the HipChat plugin to send alerts if a field value is a certain number. I would the message to contain a URL to the message just like clicking Permalink would generate when looking at the message. Anyone know how to accomplish this? Here is my message template as it stands now:

[graylog2] Compress collected data or move to a new HDD?

I have Elasticsearch data and it's logs written to a 2nd HDD than where the OS is. This HDD, 100GB, is constantly getting maxed out with ES's logs which I manually delete, but I see the indices are slowly creeping up in size too. Is there a compression option that I am missing? Or how would

[graylog2] Re: Seeking Information

This may be of use to you in regards to Graylog and Splunk. https://www.graylog.org/blog/19-graylog-splunk-integration-is-now-here On Wednesday, September 7, 2016 at 10:34:36 AM UTC-6, peterse...@gmail.com wrote: > > Seeking Information about GreyLog, I am Currently an Administrator of >

[graylog2] Rest API on 9000 doesn't work.

According to http://docs.graylog.org/en/2.1/pages/upgrade/graylog-2.1.html I can now use port 9000 for the web interface and rest API. However after editing /etc/graylog/server/server.conf and changing the rest_listen_uri = to LANIP:9000/, neither the web interface or rest API work. No

[graylog2] Collectors show Unknown or Failing status after upgrading to 2.1 from 2.0.3

I'm still receiving messages but under System > Collectors, all show either Failing or Unknown. I can make changes to my configurations and they update my nxlog.conf files so I know communication is happening both ways. I've restarted the collector and no change. All collectors are version

[graylog2] Re: Updating to Graylog 2.1.0 from 2.0.3

$ wget https:// packages.graylog2.org/repo/packages/graylog-2.1-repository_latest.deb $ sudo dpkg -i graylog-2.1-repository_latest.deb $ sudo apt-get update $ sudo apt-get install graylog-server Worked for me. On

[graylog2] Re: "Best practice" for multiple source/input configurations

I use a different input for each type of log, platform, eventlog, iis, etc.. My thinking was mainly I want to see everything from something specific without noise from another and without the need for a stream. - On Wednesday, September 7, 2016 at 4:01:08 AM UTC-6, Michael Anthon wrote: > >

[graylog2] Re: Graylog isn't processing messages

Thats what I ended up doing. I stopped Graylog and Elasticsearch before making my changes to the log path. I wonder 1. Why the logs were so big and 2. Why I had to delete the journal. Next time I won't wait so long, this time I lost 500k messages by the time I deleted the journal. On

[graylog2] Re: Graylog isn't processing messages

Here is my elasticsearch log starting from when I restarted the elasticsearch service. http://pastebin.com/4WR3Nn5K On Friday, September 2, 2016 at 10:57:37 AM UTC-6, 8bits...@gmail.com wrote: > > I had changed the path for elasticsearch data to a second HDD, but not the > logs. Today my root

[graylog2] Re: [ANNOUNCE] Graylog v2.1.0 has been released

Thank you Jochen! On Friday, September 2, 2016 at 2:27:05 AM UTC-6, Jochen Schalanda wrote: > > Hi, > > > On Friday, 2 September 2016 00:37:14 UTC+2, walderba...@gmail.com wrote: >> >> Would I simply need to run the following? >> > […] >> > And would this preserve all my users, settings,

[graylog2] Graylog isn't processing messages

I had changed the path for elasticsearch data to a second HDD, but not the logs. Today my root HDD reached 99% as a result. I stopped Graylog, deleted the elasticsearch logs at /var/log/elasticsearch, and edited the elasticsearch.yml to point to the second HDD. I rebooted my machine and my