Hello,
Are you going to copy the google group threads into the forum?
> On Feb 16, 2017, at 4:23 AM, Taylor Rhoades wrote:
>
> We're excited to announce that we will be moving to a new forum! Starting
> today, you will be able to sign up for the Graylog Forum, which we will begin
> to use o
They have an Enterprise version that archives the ES, I suggest looking into
that.
> On Feb 16, 2017, at 7:58 AM, Dan Hoffmann wrote:
>
> I'm looking to keep on file 3 years of data.
> Is there a way to archive?
>
> I am just learning with graylog so any help is appreciated.
>
> Thanks,
> Da
Yea regex is case sensitive. You could try:
[Aa]pp[Dd]ata\\[Ll]ocal\\[Tt]emp\\.+\.(EXE|exe)
> On Feb 11, 2017, at 6:54 AM, Tom Powers wrote:
>
> AppData\\Local\\Temp\\.+.exe
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe f
ng?
> What are the hardware specs of the machine(s) running Graylog?
>
> Cheers,
> Jochen
>
>> On Monday, 6 February 2017 09:03:09 UTC+1, Richard S. Westmoreland wrote:
>> I'm getting this error in my server.log:
>>
>> 2017-02-06T07:55:17.016Z ERROR [Nett
I'm getting this error in my server.log:
2017-02-06T07:55:17.016Z ERROR [NettyTransport] Error in Input
[Beats/58785c6a57fe51420e73e1ea] (channel [id: 0x8183ee45, /127.0.0.1:52554
:> /127.0.0.1:5051])
*java.lang.OutOfMemoryError: Java heap space*
at
org.graylog.plugins.beats.BeatsFrameD
Hello,
I'm trying to use this plugin on the graylog marketplace:
https://marketplace.graylog.org/addons/9699f645-0d53-4654-864a-fbb08fb6d7ae
I'm doing something wrong. Here is my config:
JDBC URL: jdbc:mysql://myhost.local:3306/graylog
Driver to use: mariadb-java-client-1.5.7.jar
Originally
directory to serve it up that way. This also gives advanced users
an opportunity to play around with the js files.
On Tue, Jan 24, 2017 at 10:06 PM, Richard S. Westmoreland <
richar...@gmail.com> wrote:
> Graylog 2.1.2+50e449a
>
> Accept-Rangesbytes
> Age306654
> Cache-Co
of Graylog are you using? Can you paste the response headers
> you get when your browser is requesting any of the JS assets (not config.js
> though)?
>
> Kind regards,
> D.
>
> > On 24.01.2017, at 12:11, Richard S. Westmoreland
> wrote:
> >
> > The com
a3fdff1dcb3a4a2fece8351d0060c02 and https://github.com/
> Graylog2/graylog2-server/commit/68f0a0bc9508597cc5b81adc0c0b3496b5ac19eb).
> Do you have any special configuration or components in your environment?
>
> Kind regards,
>
> D.
>
> On Wednesday, 4 January 2017 04:43:27 UTC+1,
I wonder if Pentaho would work okay. It can read Elasticsearch. (I have not
tried it yet)
http://forums.pentaho.com/showthread.php?83026-Elasticsearch-Kettle-and-the-CTools
> On Jan 21, 2017, at 8:39 AM, Tom Powers wrote:
>
> What are some of you using to pull reports from Graylog...if anyt
What port are you trying to use?
> On Jan 20, 2017, at 6:15 PM, JayJay wrote:
>
> Hi,
>
> I have GrayLog setup on CentOS7.
> I tried to setup an UDP Syslog input, and after setup, it eventually says
> "failed". I searched the logs, and didn't see much.
>
> I do see "failed" in the main lo
; host => "172.16.52.25"
> port =>
> }
>
> nc -vz -t 172.16.52.25
> Connection to 172.16.52.25 5555 port [tcp/*] succeeded!
>
>
> Le mercredi 18 janvier 2017 10:34:42 UTC+1, Richard S. Westmoreland a écrit :
>>
>> So you have Raw
t => 5445
> }
>
> with the raw text input as you said, i recieve nothing in graylog, but i see
> that logstash is forwarding everything
> cheers
> Anas
> Le mercredi 18 janvier 2017 09:35:01 UTC+1, Richard S. Westmoreland a écrit :
>>
>> Raw TCP Input
>>
Raw TCP Input
> On Jan 18, 2017, at 4:28 PM, Benbrahim Anass wrote:
>
> i already parse everything using json, if like you said i use TCP output,
> what input in graylog should i use?
>
> cheers
> Anas
>
> Le mardi 17 janvier 2017 12:01:17 UTC+1, Richard S. Westm
Instead of syslog("graylog.lab.xxx.xxx" port(5514)); try:
network("graylog.lab.xxx.xxx" port(5514));
This used to be udp() or tcp() depending on the transport you wanted.
Newer versions of syslog-ng documentation have emphasized IETF/RFC5424
examples, but what you are looking for is the older B
8:20,0,any,0,1478205121,0x0,US,10.0.0.0-10.255.255.255,0,2,0,aged-out,0,0,0,0,,Lab-PA5020,from-policy
>
> As you can see, the date and hostname are missing. When I have syslog-ng
> write to a local file, the date and hostname existed.
>
> Thanks,
> -Li
>
>> On Tuesday, Janua
It shouldn't be missing, just parsed. When you search, do you see the hostname
in a separate field? In your Syslog Input there should be an option to keep
original message, so then there will be a separate intact copy included. If you
don't want the syslog to parse at all you could change to a
017 11:51:40 UTC+1, Richard S. Westmoreland wrote:
>> If you're just trying to connect Logstash and Graylog over TLS, I think
>> getting AMQP would be overkill. You should start with getting the TLS cert
>> ready, then enable a GELF TCP Input with TLS, then configure Logstash to
If you're just trying to connect Logstash and Graylog over TLS, I think getting
AMQP would be overkill. You should start with getting the TLS cert ready, then
enable a GELF TCP Input with TLS, then configure Logstash to send to that.
> On Jan 17, 2017, at 7:12 PM, Benbrahim Anass wrote:
>
>
Wow! That is going to be an awesome feature in so many different ways. What
kind of timeline do you have for this next release?
> On Jan 13, 2017, at 7:05 PM, Jochen Schalanda wrote:
>
> Hi Till,
>
>> On Friday, 13 January 2017 10:29:45 UTC+1, Till Brinkmann wrote:
>> So does anyone can giv
It already has its own acronym of GELF, Graylog Extended Log Format.
I sometimes shorten Graylog to GL when discussing it with people familiar with
it.
How about GRAY = General Redundant Array of Yaks
> On Jan 10, 2017, at 10:54 PM, BKeep wrote:
>
> this is pretty trivial but thought I would
What is different about the ZeroMQ plugin, as opposed to using the available
AMQP input option? Are they not compatible?
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an
Is there anyway to change the ajax request time from 1s to something like
5s? I looked around the documentation and configuration but couldn't find
any options for setting this.
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe
I've just figured out how to get my reverse proxy working properly to fully
support the web client, but it leads me to another dilemma. When the JS
application loads, it tries to talk to the REST API URI rather than just
the Web API URI. This poses a problem when I want to publicly expose and
Hello,
I'm working on putting a GL cluster behind a reverse proxy and load
balancer and while troubleshooting a url redirect issue I discovered why
the interface has seemed really slow to me. My servers are in another
country so latency becomes obvious for me.
Just getting to the login screen
25 matches
Mail list logo