Hey,
Encountered a rather strange issue. If a number is the first character
parsed by a syslog tcp input, the following exception is thrown. However,
sending the same input to a syslog UDP input works fine.
2016-02-18 15:19:28,898 ERROR:
org.graylog2.plugin.inputs.transports.NettyTransport -
Thanks for your input, the problem was that extractor_type has changed to
type, apparently. (sorry for hijacking the thread)
On Wednesday, February 17, 2016 at 3:29:43 PM UTC+1, Edmundo Alvarez wrote:
>
> Hi thePretender,
>
> Thank you for testing the alphas!
>
> If
Somewhat same problem when importing extractors on alpha 1, getting import
errors but there is no error message containing additional information
anywhere. Exporting a simple extractor results in lots of additional fields
containing metrics information as well(?). Seems like extractors/content
There is a built in function which does exactly that.
Inputs -> Manage extractors -> click on desired IP field -> copy input ->
choose same name and add Anonymize IPv4 addresses as a converter. The IP
should now be i.e 192.168.1.xxx
On Wednesday, February 17, 2016 at 1:44:42 PM UTC+1, Stefan
Hi,
I'm messing around trying to get the alpha up and running, but i get this
error when trying to log in to the gui:
Error - the server returned: undefined - Bad request
I can't seem to able to find any corresponding errors in the log files, can
someone point me in the right direction?
Thanks, that seems to do the trick.
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web
"fullyCutByExtractor", why isn't this being removed? That seems rather
ineffective.
regards,
thePretender
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send a
I believe the reason is that systemctl starts graylog-web as the user
graylog-web, who are not allowed to bind anything to ports below 1024.
A dirty fix is to change user/group to root in the file
graylog-web.service, I'm sure there are other best practice solutions.
On Tuesday, January 26,
Hi,
I would like to know if anyone here have been able to successfully parse
logs in CEF (common event format) used by ArcSight?
Regards,
thePretender
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this grou
