Questions tagged [graylog]

Graylog is a full-featured open source log management solution.

90 questions
1 vote, 2 answers

nginx: exclude sub-location in reverse proxy configuration

I want to build an http to https reverse proxy based on nginx for a graylog instance, let's say its URL is graylog.domain.local. Graylog does NOT serve ssl encrypted connections, just standard http over port 9000. The tricky thing about this is that…
farosch
1 vote, 1 answer

Analysing AWS Cloud Trail logs to get security insights

I have enabled the cloud trail logs and I get the logs to my graylog system. Now how can I do analysis on the following use cases: What if the same user is trying to log in and using different Source IPs Need to analyse like if particular user is…
1 vote, 1 answer

Graylog: Is it possible to view a chunk of logs all at once?

Sometimes I would like to view log entries as a "standard" looking text based log file. Right now sometimes I'll end up going to the server where the logs were generated just so I can display a block of text to follow a timeline of logs a little…
emmdee
1 vote, 0 answers

How do you deploy Graylog to an AWS Linux server?

I followed these directions (graylog's website) to deploy Graylog to an Ubuntu server in AWS. I created a server with 4 GB of RAM. I created a security group that allows inbound connections on any TCP port from the external IP address of the Ubuntu…
Jermoe
1 vote, 1 answer

Can AWS ES be integrated with Graylog2?

I am on a very initial setup and I want to know if I can use ES offered by AWS as a service to the Graylog2? I am quite sure this cannot be accomplished since AWS doesn't offer anything to configure.
Kittystone
1 vote, 1 answer

Graylog2 - Grouping on host name variants

We are sending Apache access logs to Graylog (2.1.1). We have 70+ websites and I want to build a quick value chart for say all requests that resulted in a 5xx response. Currently when I create said chart www.somedomain.com and somedomain.com are…
grahamjgreen
1 vote, 1 answer

Loading field information in Graylog 2.1.x failed with status 500 (Internal Server Error)

I'm working on setting up a Graylog and I'm getting the following error: Loading field information failed with status: cannot GET http://192.168.2.108:12900/system/fields (500) I am on this…
Jason
1 vote, 1 answer

Graylog and ELB

We are trying to use ELB to load balance two graylog nodes. For the most part it works correctly but for certain actions like going to System-Nodes it times out and we receive the following. If we go to the URL in logs directly we see an HTTP 405…
tweeks200
1 vote, 1 answer

Why does graylog2 delete old indices?

According to http://docs.graylog.org/en/1.3/pages/index_model.html, graylog2 deletes old indices based on the "elasticsearch_max_number_of_indices". Why can't graylog2 allow no. of indices to grow? Also, according to the same page above, You have…
David C
1 vote, 1 answer

graylog-server not binding on port 12900

I have a situation here where graylog-server does not bind to port 12900 no matter what I do. I have used github.com/graylog2/graylog-ansible-role to install the rpms for graylog-server-1.1.6-1.noarch, elasticsearch-1.6.2-1.noarch,…
Doru C.
1 vote, 2 answers

Is there any way to see the context of a log message in Graylog2?

I've installed a Graylog2 server and begun collecting log data. It all worked fine, but as soon as I found the first Java exception with attendant stack-trace, a problem occurred to me. How can I see the exception and the following (or preceding)…
mhvelplund
1 vote, 1 answer

Asterisk logging to Graylog2

Does anyone have any experience with logging Asterisk servers to Graylog2? I'd like to be able to send certain verbosity levels to Graylog2, but I don't have a clue how to go about it. The goal is to get Asterisk's logs into Graylog2, to keep them…
1 vote, 1 answer

Installing Graylog2 with puppet

I have managed to install Graylog2 from scratch by downloading all the DEB files and making the configurations. Now I try to install Graylog2 with the help of puppet in an environment and had no luck so far. I am using elasticsearch/elasticsearch and…
syss
1 vote, 1 answer

Graylog2 cannot send email alert

I have graylog2 v0.20.6 and when I try send test alert via mail I see this error: Error! ×Unable to send dummy alert, check server log for details: API call failed GET http://@127.0.0.1:12900/streams/53eb19b722e4a0c4d93dcfe5/alerts/sendDummyAlert…
Mick
1 vote, 0 answers

Graylog2 date extractor from tab-delimited file

I have tab-delimited logs with such messages: 2014-06-01 00:00:56 192.168.1.1 968 http://yandex.ru I can extract date and time with regexp (\d{4}-\d{2}-\d{2}\s*\d{2}:\d{2}:\d{2}) but when I try to convert it to timestamp with pattern…
Michael