Hi,
the Graylog api is typically listening on port 9000, so the server_url
is most likely: http://my.fqdn.hostname:9000/api/
Cheers,
Marius
On 20 February 2017 at 14:18, NeefRoel wrote:
> Hi,
>
> I've installed the graylog server version 2.2.0-11 on one server and the
>
There is no noticeable difference, pick whatever you prefer.
Cheers,
Marius
On 20 January 2017 at 17:53, Axen wrote:
> What is the situation about this issue now? (almost 2.5 years later)
>
> The current documentation seems to slightly recommend OpenJDK over Oracle.
> At
As you can see in the error your desktop machine needs access to port
9000: ' http://172.16.124.48:9000/api/'
If that doesn't work the login will fail.
Cheers,
Marius
On 5 January 2017 at 16:54, wrote:
> I also started from scratch. did reboot after configuring IP.
Victor,
can you check if port 9000 is blocked by your firewall? It should be
open from your desktop machine to the Graylog VM.
Cheers,
Marius
On 5 January 2017 at 16:42, wrote:
> Same here.
>
> sun@dev01 # md5sum graylog-2.1.2-1.ova
> 05d501b5fbc303a3f3b534985c8f069a
Hi,
you can stop the sidecar at any time and execute filebeat directly for
debugging. The last configuration is still in the /generated directory
and can be used with filebeat -c .../generated/filebeat.yml
Cheers,
Marius
On 16 December 2016 at 15:35, mytempledarkstar
Could you please open an issue for this here:
https://github.com/Graylog2/collector-sidecar/issues
Will take a look into it.
Cheers,
Marius
On 15 December 2016 at 11:21, C G <csm...@gmail.com> wrote:
> Version is 0.1.0 (3880fd) [go1.7.4/amd64]
>
>
> Le 15 déc. 2016 10:39, &
Hi,
which sidecar version is this? Could please stop all those winlogbeat
precesses and try the same with 0.1.0-beta.2
Cheers,
Marius
On 15 December 2016 at 08:17, CSG wrote:
>
> If i stop the graylog_collector_sidecar service and then run manually
> winlogbeat -c
Hi,
you can try to figure out why winlogbeat is crashing by calling it the
same cmd window. With '.\winlogbeat.exe -c generated\winlogbeat.yml'
it should tell you what the problem is.
Maybe also posting the generated config file could help to debug this.
Cheers,
Marius
On 14 December 2016 at
Hi Joshua,
on the appliances MongoDB runs without a configuration file. Settings
are given by command line options. If you want to change something you
can add or delete options in the start script of MongoDB:
/opt/graylog/service/mongodb/run
Afterwards restart the service.
I think your
Hi,
the right syntax is to use single quotes, but this is problematic with
curl because the json string itself is usually put in single quotes.
So your call looks like this:
curl -X POST -d '{some json}'
now you can't simply put another single quote in the json string like
-d '{some' json}' that
Hi,
did you install the Elasticsearch hosts by hand or also with the OVA?
If they are manually installed you also need to take care of the
Graylog installation manually.
Otherwise multi VM setups are described here:
http://docs.graylog.org/en/2.1/pages/configuration/graylog_ctl.html#multi-vm-setup
Hi Marvin,
the tags are used to define which configuration should be applied to a
host. So it's up to you to add the tag to the collector_sidecar.yml
file. Afterwards it should detect the change in the web interface. If
you want to distinguish between the two inputs at search time you can
use the
lt;https://lh3.googleusercontent.com/-jv3FEaKHs30/WDRS2ySkhTI/AI0/HuN87WebUlcClvyNuMJsColp1tvmtj8KgCLcB/s1600/2016-11-22%2B16_14_25-Graylog%2BWeb%2BInterface.png>
>
>
> On Tuesday, November 22, 2016 at 2:40:22 PM UTC+2, Marius Sturm wrote:
>>
>> Hi,
>> click on edit to
Hi,
click on edit to open the input configuration and add the snippet at
the bottom in the 'Verbatim configuration' field.
Cheers,
Marius
On 22 November 2016 at 13:03, husayn arrah wrote:
> Hello
>
> I have setup a sidecar collector config on graylog using the default nxlog
Hi Tomasz,
you noticed correctly that your server ran out of disk space. Please
make sure that you have enough disk available for storing the
configured log volume.
Cheers,
Marius
On 14 November 2016 at 14:15, Tomasz Wielechowski
wrote:
> Hi
>
> I'm part of the
If there would be an easy work around, Graylog would be compatible. So
no there is nothing you can do other than updating the server.
Cheers,
Marius
On 4 November 2016 at 17:56, Steven Cherry wrote:
> Is there nothing I can do?? Can I not register the Graylog node with
Hi,
could you please post the error message you get and the exact steps
you did? To give us an idea what might went wrong.
Cheers,
Marius
On 1 November 2016 at 07:57, Rajesh Basa wrote:
> Hi Team,
>
> We are done with configuring graylog to our weblogic test Instance
ne of these
>> configs work.
>>
>>
>>
>> ServerName logserver.socialpatrol.net
>> ServerAlias logserver
>> ProxyRequests off
>> ProxyPreserveHost On
>>
>> RequestHeader set X-Graylog-Server-URL "http://10.1.80.7:9000/api/;
&g
Hi Andrew,
when you add a second proxy to the chain, it looks like Graylog would be
reachable from another IP. Your web browser tries to connect back to the
Graylog REST api based on the value of web_endpoint_uri _or_ the
X-Graylog-Server-URL header. Set one of those to the IP that is reachable
Hi Himanshu,
you configured Graylog to use port 12900 for the REST API. The API needs to
be directly accessable by your browser. To do so you can use either the
web_endpoint_uri _or_ the X-Graylog-Server-URL in your proxy config. You
set both but with two different url's.
Use just the one in the
Hi Justin,
did you create any configuration for that host under
'System->Collectors->Manage configurations'? Also make sure that the
configuration actually is tagged by 'linux' and/or
Cheers,
Marius
On 6 October 2016 at 19:11, Justin Bell wrote:
> I'm running into an
Hi Sangh,
the Sidecar needs a connection to the Graylog REST API. The _default_ port
for the api changed in Graylog 2.1 from 12900 to 9000/api. But you can
still use the old settings with newer Graylog versions. Only make sure that
the Sidecar can talk to the api.
Cheers,
Marius
On 27 September
Hi,
you dont have to, it's included in the Sidecar package for ease of
installation but you can point in the configurtion file to the executable
you want to use.
Cheers,
Marius
On 22 September 2016 at 20:04, Evgueni Gordienko
wrote:
> Hi All,
>
> I have filebeat running
llector-sidecar
> service to run separate instance of filebeat for each output get around the
> limitations of filebeat?
>
> On Thursday, September 22, 2016 at 11:45:09 AM UTC-4, Marius Sturm wrote:
>>
>> Hi Steve,
>> Filebeat currently doesn't support
Kunal,
please read the Sidecar documentation first. You have to create a
configuration in the Graylog web interface and tag it with the same tag
like you started the Sidecar instance. There is a step-by-step guide even
with screenshots here:
Hi Tony,
nxlog is not included in the collector-sidecar package, so if you want to
use the nxlog backend you have to install it along with sidecar.
Cheers,
Maris
On 9 September 2016 at 13:04, Tony wrote:
> Hi Guys,
> I have a question. Is it necessary nxlog installation
Hi,
no you dont have to use Logstash. Filebeat is sending data directly to
Graylog's Beats input. So you have to start a beats input first on the
Graylog server and then you have to configure the server IP/Port in the
Output section of the Sidecar configuration.
Cheers,
Marius
On 8 September
Hi,
could you please open an issue for this here:
https://github.com/Graylog2/collector-sidecar
Should be easy to fix.
Cheers,
Marius
On 7 September 2016 at 11:48, Michael Anthon wrote:
> Hi All,
> I have just attempted to set up filebeat and winlogbeat to see
We plan some performance improvements for the next release, so if you see
too much load on the server side at the moment, this will be improved in
2.2. Maybe not relevant for 50 nodes but for 500.
On 7 September 2016 at 11:36, Werner van der Merwe
wrote:
> Thanks
alling onto a Windows trial of 22-25 servers.
>
> Have a Centos puppet manifest (crudely) managing the Centos servers,
> Ubuntu and Windows mostly manual initially.
>
> I'll make the change to adm and report back!
>
> Thanks for a great product!
>
>
> On Wednesday, 7 Sept
Hi Werner,
right the nxlog user needs access to the files you want to read, ususally
thats the 'adm' group on ubuntu and the 'root' group on centos/redhat
machines.
Out of curiosity, how many sidecars are you running in parallel?
Cheers,
Marius
On 7 September 2016 at 06:08, Werner van der Merwe
The input should listen on 0.0.0.0, right.
On 30 August 2016 at 13:17, Ciprian wrote:
> I have also changed 514 to 12201. In system>inputs I need to have a GELF
> UDP input with the ip 0.0.0.0 right? Or the IP of the sidecar server?
>
> --
> You received this message because
Additionally port 514 indicates that you are sending gelf messages to a
syslog receiver. Both protocols are not compatible, you need a gelf sender
(nxlog) and a gelf receiver (graylog server with started gelf input).
\Marius
On 30 August 2016 at 12:48, Marius Sturm <mar...@graylog.com>
o any help would be much appreciated.
> Thank you.
>
> On Tuesday, August 30, 2016 at 11:51:20 AM UTC+2, Marius Sturm wrote:
>>
>> Hi Ciprian,
>> you dont need to install anything on the server side, the Graylog
>> collector plugin, that is needed for the Sidecar
Hi Ciprian,
you dont need to install anything on the server side, the Graylog collector
plugin, that is needed for the Sidecar to work, is already included in the
standard installation.
When the Sidecar is registered under System->Collectors the only thing you
have to do is to click on 'Manage
Hi Joe,
the steps to use a custom certificate are documented here:
http://docs.graylog.org/en/2.0/pages/configuration/graylog_ctl.html#install-custom-ssl-certificates
Cheers,
Marius
On 29 August 2016 at 19:55, Joe K wrote:
> Hello,
>
> After enabling with
> *graylog-ctl
Hi seko,
currently it's not possible to send an alert but with the upcoming 2.1
release the sidecar is sending a status signal back to Graylog. So when you
enable the 'send_status' option you can see on the collector web page which
collector has a broken configuration or just crashed.
Cheers,
Hi Nathan,
it's basically a configuration layer. With Sidecar in between you can
control nxlog from within the Graylog web ui.
Cheers,
Marius
On 24 August 2016 at 16:07, Nathan Mace wrote:
> I'm starting to roll out nxlog / Sidecar to replace our Splunk install.
>
should I be putting comments back against the issue in github?
>
> Thanks,
> Michael
>
> On Monday, 15 August 2016 20:45:51 UTC+10, Marius Sturm wrote:
>>
>> Hi Michael,
>> this was done here: https://github.com/Graylog2/gr
>> aylog-plugin-collect
Hi Jamie,
you have to make these changes on every node.
Cheers,
Marius
On 16 August 2016 at 20:56, Jamie P wrote:
> Hello. I was wondering, if I had a cluster setup where graylog and
> mongodb is running on one ova, and elasticsearch is running on two other
> boxes, do
hose 3 lines from the config
> and running nxlog manually and this definitely works, it connects and sends
> messages to graylog.
>
> If those 3 fields could be made optional and not add those entries to the
> generated nxlog.conf then I think this would work perfectly.
>
> Cheer
Ah ja ok, we shipped the SSL feature recently. So you will see it in the
next Graylog release or you test the beta version.
Cheers,
Marius
On 11 August 2016 at 17:34, Michael Anthon
wrote:
> Oh yeah, I should have mentioned that sorry !
>
>
>- Graylog 2.0.3
Hi,
which Graylog and Sidecar version are you using? In the current beta
(Graylog and Sidecar) you can enable SSL for NXlog and Beats outputs with
paths to a certificate file.
Cheers,
Marius
On 11 August 2016 at 16:55, Michael Anthon
wrote:
> Hi All,
> Is there
Hi,
thanks for the feedback, would you mind openeing an issue for that here:
https://github.com/Graylog2/graylog-plugin-collector
I think we can fix it pretty quickly, it's just hard to track bug reports
on the mailing list.
Thanks,
Marius
On 8 August 2016 at 03:01, Linwood Ferguson
t; Isn't there a way how I can verify, that graylog would receive an UDP
> message from localhost (within the container) to systematically isolate the
> failure?
>
> Best, David
>
> On Wednesday, August 3, 2016 at 2:17:52 AM UTC-5, Marius Sturm wrote:
>>
>> Hi,
>&g
Hi,
your 'gelf-address' looks odd. To get the Docker logging driver working
start a UDP GELF input on the server side and use a address like udp://
192.168.0.9:12201 on the container. Something like /gelf only exist in a
HTTP context what is not used in this case.
Cheers,
Marius
On 3 August
t;
> Cheers, Pete
>
> On Monday, 18 July 2016 23:15:31 UTC+10, Jeremy Farr wrote:
>>
>> Done. https://github.com/Graylog2/collector-sidecar/issues/39
>>
>> On Monday, July 18, 2016 at 3:35:36 AM UTC-5, Marius Sturm wrote:
>>>
>>> Hi,
&g
t; * Natively on Windows: not officially supported
> * Inside VirtualBox: doesn't work and the BIOS option is not available
> * Docker Toolbox: ditto (uses VirtualBox)
> * Docker for Windows: only available for Windows 10+
>
> What am I left with? Vagrant??
>
> --
> Dmitriy Koro
installer
> that was automated for some people like myself who are lazy and want to
> push out a client to all servers with Group Policy and not have to
> configure each Server individually afterwards.
>
>
> On Fri, Jul 29, 2016 at 10:25 AM, Marius Sturm <mar...@graylog.com> wrote:
>
>
that but I have tried the same client on a 32bit server 2003 and
>> I get the same results.
>>
>> On Fri, Jul 29, 2016 at 9:38 AM, Marius Sturm <mar...@graylog.com> wrote:
>>
>>> I think thats the problem, the 32bit binary looks into C:\Program
>>> F
s immediately
>
> Boy, do I wish Graylog would support running on Windows natively. Write
> Once, Run Anywhere is a great idea!
>
> On Friday, April 29, 2016 at 2:21:44 PM UTC-4, Marius Sturm wrote:
>>
>> Hi Nikhil,
>> looks like you didn't enable hardware v
have any log files that I can see. I am running the 32bit client
> on a 64 bit server 2012 R2. It seems like it doesn't even try to start.
>
>
> [image: Inline image 1]
>
> [image: Inline image 2]
>
> On Fri, Jul 29, 2016 at 2:04 AM, Marius Sturm <mar...@graylog.com>
idecar.exe" -version
> Graylog Collector Sidecar version 0.0.9 (amd64)
>
>
> On Friday, 29 July 2016 12:47:16 UTC+1, Marius Sturm wrote:
>>
>> Which version of the Sidecar is this? There should be a little bit more
>> in the output actually...
>>
>&g
=info msg="Fetching configurations
> taggedby: [windows]"
> time="2016-07-29T12:35:57+01:00" level=info msg="Starting collector
> supervisor"
>
>
>
> On Friday, 29 July 2016 12:29:06 UTC+1, Marius Sturm wrote:
>>
>> Hi Phil,
>> could
Hi Phil,
could you try to start the Sidecar in foreground mode. Just open a shell
and go to the installation directory. Start the Sidecar with
graylog-collector-sidecar.
Post the output you see here, maybe we can see some problems.
Cheers,
Marius
On 29 July 2016 at 13:16, Phil Sumner
HI,
ah sorry I misread the error, could you please look into log files in
C:\Program Files(x64)\graylog\collector-sidecar and check if there are any
errors to see?
Thanks,
Marius
On 29 July 2016 at 08:53, Marius Sturm <mar...@graylog.com> wrote:
> Hi Joe,
> this looks like a netw
Hi Joe,
this looks like a networking issue. Please double check your firewall
configuration and make sure that you can reach port 12900 from a remote
node.
Cheers,
Marius
On 28 July 2016 at 22:07, Joe Young wrote:
> I have exactly the same problem while installing the
Hi,
you should not copy nxlog.conf files around. The sidecar is fully
generating a configuration for nxlog and don't need any manual editing
(thats the one in C:\Program Files
(x86)\graylog\collector-sidecar\generated) every other config file is not
used.
>From the screenshot you can see that the
Hi,
the Sidecar is writing a log file in C:\Program Files
(x86)\graylog\collector-sidecar, do you see any errors in there regarding
failed registration requests?
Cheers,
Marius
On 27 July 2016 at 18:03, Jamie P wrote:
> Hello,
>
> I installed the sidecar and nxlog on a
Hi Tony,
the collector option is implemented as a plugin. So please check in your
server configuration the plugin_dir directive and that the collector plugin
is actually located in that directory.
Cheers,
Marius
On 26 July 2016 at 18:32, Tony wrote:
> Hi Marius,
> sorry
Dont forget to set the 'apache' tag on the top of the page and press
'Update tags'
On 25 July 2016 at 17:15, Marius Sturm <mar...@graylog.com> wrote:
> The defaults are pretty fine for a first test. Create a NXLog Gelf output
> with the IP and port of your Graylog's Gelf Inpu
path to the Apache log file. That should be it.
Marius
On 25 July 2016 at 17:09, Tony <anesp...@gmail.com> wrote:
> Thank you Marius, as I am very newbie on the system can you please, write
> me the correct GUI entries to configure it?
> Thanks a lot
>
> Tony
>
> 2016-0
Hi Tony,
you have to create a configuration for the sidecar first. Go to 'Manage
configurations' on the collectors page and set up the needed inputs and
outputs of your nxlog instance.
Cheers,
Marius
On 25 July 2016 at 15:56, Tony wrote:
> Hello everybody,
> I would like
HI,
you can reset the setting by deleting the line `external_rest_uri...` in
/etc/graylog/graylog-settings.json. Afterwards run graylog-ctl reconfigure.
Cheers,
Marius
On 25 July 2016 at 09:41, Arief Hydayat wrote:
> Hi everyone,
>
> Need your help. As I saw in the
Hi,
thanks for the feedback, that's very helpful for us. Otherwise we never
know if the concepts are understood by the users or not.
The current implementation is merging all configurations that are fetched
throug the provided tags. So let's say that your sidecar starts with three
tags, internally
Hi,
could you please create an issue for that over here:
https://github.com/Graylog2/collector-sidecar/issues
Please add your collector_sidecar.yml file to the ticket.
Thanks,
Marius
On 15 July 2016 at 20:25, Jeremy Farr wrote:
> So I'm using nxlog and I've installed the
Hi,
this depends on your tagging schema, let's say you have three classes of
machines 'database', 'application' and 'web_server' and you want to apply a
general configuration to all of them. E.g. a file input for
/var/log/messages, then you can create a configuration for that and use all
three
s fine.
>
> On Thursday, 7 July 2016 19:27:47 UTC+1, Marius Sturm wrote:
>>
>> The generated config looks fine, maybe a screenshot of the Graylog input
>> puts some light on this?
>>
>> On 7 July 2016 at 19:50, Kev Johnson <k...@drunkmonkey.co.uk> w
>>
>> Exec $short_message = $raw_event; # Avoids truncation of the
>>> short_message field.
>>
>> Exec $gl2_source_collector = '28a3c8c7-bc02-44e0-98a5-e93e52b057e5';
>>
>> Exec $Hostname = hostname_fqdn();
>>
>>
>>
>>
>>>
>>>
Hi,
you could check if the Gelf port on the Graylog side is exactly the same as
on the Nxlog sender side, usually 12201. Go to System->Inputs (the input
should have a green badge 'running') verify the port number with the one
you configured for nxlog in the collector configuration.
Another thing,
raylog is) so that only SSH is available (that is
> easy), but we also need to view the web page. Which ports must be
> accessible (HTTPS anything else)?
>
>
> Dne sreda, 29. junij 2016 21.14.17 UTC+2 je oseba Marius Sturm napisala:
>
>> Hi,
>> the OVAs in general are made fo
Hi,
why do change all the IP settings in the first place? When you spin-up a
fresh OVA and just run 'graylog-ctl reconfigure' the scripts try to detect
everything automatically.
Cheers,
Marius
On 29 June 2016 at 20:39, Lionel Valero wrote:
> Here is the chrome console
Hi,
the OVAs in general are made for ease of setup and a quick getting started
experience with Graylog. The trade-off of this that some services need to
be less restricted as in a setup that is optimized for security.
Elasticsearch and MongoDB should always placed in a seperate network as
not sending any log data?
On 29 June 2016 at 11:38, wrote:
> I'm using docker.
>
> the input seems fine.
>
> but there isn't any result in search.
>
> seems the data not in es.
>
> why?
>
>
> --
> You received this message because you are subscribed to the Google Groups
>
ta=false,
>>> master=false},{graylog-2a34-d1ba-4f21-a9df-f45901d845b7}{BiWe2Zy2Syaojr9ek0AlJQ}{172.25.232.35}{
>>> 172.25.232.35:9350}{client=true, data=false, master=false},}, reason:
>>> zen-disco-join(elected_as_master, [0] joins received)
>>> 2016-06-26_
@Ragnar do you try to disable the cipher algorithms for the web interface
or for an log input? Because the web interface on the appliances is TLS
terminated by the Nginx that is also installed. The inputs are served
directly by Graylog's java process, that whould be a differnet setting.
On 27
Hi,
this all boils down to an unstable Elasticsearch instance. When Graylog is
not able to forward log messages to ES it buffers them on disk and tries to
send them later. This is called journal.
So when your ES service is not running properly the journal fills up with
messages. Please take a look
Thanks for investigating in this, please open a new issue here:
https://github.com/Graylog2/omnibus-graylog2
This is not a server issue per se.
Thanks,
Marius
On 23 June 2016 at 16:06, 123Dev wrote:
> Found the offending code.
>
> /opt/graylog/service/graylog-server/run
Hi,
looks like your receiving some binary data on a plain text Gelf input. Did
you switch to TLS encryption or soemthing like that after the update? Could
you please post the generated configuration of NXlog?
Cheers,
Marius
On Wednesday, 22 June 2016 16:27:41 UTC+2, Shon Nixon wrote:
>
> Built
Hi Sangh,
please take a look here for persisting email configuration on the
appliances:
http://docs.graylog.org/en/2.0/pages/configuration/graylog_ctl.html#graylog-ctl
The sub-command you need is `set-email-config`.
Cheers,
Marius
On 16 June 2016 at 11:03, sangh wrote:
Hi Sangh,
currently you have to use the Snippets for that but feel free to create a
feature request with examples here:
https://github.com/Graylog2/collector-sidecar/issues
Thanks,
Marius
On 14 June 2016 at 14:53, sangh wrote:
> hi,
>
> It is not possible to use a
Hi,
Beats support will be released with Graylog 2.1.0
Cheers,
Marius
On 10 June 2016 at 19:53, Terry Lee wrote:
> I cannot seem to to find docs on how to use filebeats with
> collector-sidecar. Can someone point me in the right direction?
>
> --
> You received this message
9, 2016 at 2:56:13 PM UTC+1, Marius Sturm wrote:
>>
>> Thats the default location the Sidecar tries to write the config file for
>> the nxlog collector. Guess the path doesn't exists on your system?
>>
>> --
> You received this message because you are subscribed to
Thursday, June 9, 2016 at 2:38:04 PM UTC+1, Marius Sturm wrote:
>>
>> You have to create an output before and choose it in the 'Fowrard to'
>> field. Otherwise the input is doing nothing. Thats why GL denies to create
>> it.
>>
>>
>> --
> You receiv
[NXLog file input] or [NXLog] UDP syslog listener or any other. None
> of them work.
>
> Thanks
>
>
> On Thursday, June 9, 2016 at 2:29:48 PM UTC+1, Marius Sturm wrote:
>>
>> Hi,
>> could you please provide the data you used for the input. So that I can
Hi,
could you please provide the data you used for the input. So that I can try
to reproduce the issue?
Thanks,
Marius
On 9 June 2016 at 15:25, Marko Lerota wrote:
> Hi I am trying to configure collector sidecar but without success. Graylog
> is failing to create inputs.
> I
Hi,
depends on the operating system you use, e.g. on a Ubuntu system a 'sudo
service graylog-server start' should be enough.
Cheers,
Marius
On 1 June 2016 at 11:30, wrote:
> Hi
> version 1.3
>
> I used a recipe in chef :https://supermarket.chef.io/users/chr4 {{
> install
Hi Pasqual,
the easiest way of setting this up is to just use the 'enforce-ssl'
command. This will put the web interface and the rest api on port 443. This
should work on the internal and the external IP address.
Once you use the 'set-external-ip' command you basically tell graylog-ctl
that you
Hi,
could you put all the informations in a ticket please:
https://github.com/Graylog2/omnibus-graylog2/issues
I have to review that later.
Thanks,
Marius
On 31 May 2016 at 15:09, David Gerdeman wrote:
> I had to wait for it to fail again. It looks like it failed on
Hi,
the list of involved hosts in the cluster is stored and distributed via
Etcd. It's organized like a directory tree, so you can do:
'/opt/graylog/emvedded/bin/etcdctl ls'
or '/opt/graylog/emvedded/bin/etcdctl ls servers' to see all graylog
servers.
To delete an entry use the rm command:
Hi Sanhegi,
do you see any errors in the nxlog_stdout/stderr files under
/var/log/graylog/collector-sidecar? It could be that you started nxlog on
port 514 and there is another syslog already listening or something like
that? Are you sure that the firewall syslog messages can be processed by
Hi Trisha,
normally the ip of the appliance comes from the dhcp server in your
network. So I would start there and see why it is not providing an ip to
the appliance. There could be many reasons, e.g. wrong vswitch settings or
some firewall rules or whatever. Maybe some local admin could provide
Hi Adam,
I guess you are referring to the Graylog appliance. We have some
documentation on how to change from dhcp to static ip over here:
http://docs.graylog.org/en/2.0/pages/installation/graylog_ctl.html#assign-a-static-ip
Usually you can use sudo (not su, thats another command) password-less on
Thanks,
should be fixed soon.
On 25 May 2016 at 16:42, Leittechnik SUN wrote:
> Hi Marius
> if node_id is not set (empty, or "", or '') the sidecar service will not
> start :-(
> i think i create an issue ..
>
> Am Mittwoch, 25. Mai 2016 15:03:09 UTC+2 schrieb Leittechnik
The Runit service that is the supervisor for all daemon processes on the
appliance should already rotate the standard logs. It's configured through
these parameters:
https://github.com/Graylog2/omnibus-graylog2/blob/2.0/files/graylog-cookbooks/graylog/attributes/default.rb#L95
Which file exactly
You want to configure your network security and not install another
collector. Nxlog alone is sufficient.
On 24 May 2016 at 16:38, rvb n wrote:
> do i want to install graylog collector? or is nxlog alone enough?
>
>
> On Tuesday, 24 May 2016 19:59:13 UTC+5:30, rvb
Hi Wolfgang,
looks like the file /etc/graylog/graylog-secrets.json is not a valid json
file anymore. Could you please verify the file for obvious errors like a
missing comma or unclosed quotation marks?
In doubt you could try to re-generate that file with "sudo graylog-ctl
set-admin-username
On AWS network ports are usually not accessable from the outside, please
read about network security and how to configure it here:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
On 24 May 2016 at 16:29, rvb n wrote:
> Sir ,
>
> I have
19:20:45 UTC+5:30, Marius Sturm wrote:
>>
>> NXlog is telling you already what the problem is: ERROR Service is
>> already running
>> There is another nxlog instance running, stop that process before
>> starting a new one.
>>
>> On 24 May 2016 at 15:41, rvb n
>
> still i have not received any log. can you please ask some question like
> cross check so that can correct my mistake. pls sorry again
>
> On Tuesday, 24 May 2016 18:47:18 UTC+5:30, Marius Sturm wrote:
>>
>> With Graylog it's easier to use Gelf instead of syslog. Re
1 - 100 of 171 matches
Mail list logo