Questions tagged [graylog]

Graylog is a full-featured open source log management solution.

90 questions
1
vote
1 answer

Graylog2 server cannot connect to Elasticsearch

I try to follow Digital Ocean manual except using last versions of components. My elasticsearch.yml: cluster.name: graylog2 network.bind_host: localhost network.publish_host: localhost script.disable_dynamic: true Elasticsearch says it is ok. Then…
Michael
1
vote
3 answers

Anybody deployed GrayLog successfully?

We are looking for an open source logging system and found Graylog2 as one of the best ones. Anybody having some experience in setting up? Any blog post you got while installing. I have few but still afraid to mess up the things. PS: Suggestions for…
Mohit Jain
1
vote
0 answers

How do we prevent accidental Graylog denial of service problems without multiple graylog instances?

Our original problem Last year we had a problem where a rogue piece of software on one server spammed our central Graylog Server with so many messages that it caused problems for other applications. The main problem was older useful messages from…
Mark Booth
1
vote
0 answers

Kafka not stopping consumers when deleting group

I am sending logs from Logstash as the producer to Kafka and then consuming them from Graylog. This works as expected. However, when stopping the Graylog input, thus sending a LeaveGroup request, the consumer is not unregistered and even when the…
dmuensterer
1
vote
0 answers

Certificate only works from client side, how do I debug something like this? (graylog/filebeat/JVM keystore)

I created 2 key-certificate pairs with the exact same method. However, while trying to set up TLS on my graylog server to a remote filebeat node, it does not successfully connect when trying to connect with a regular certificate validating the…
1
vote
0 answers

Installing Graylog with Nxlog collector on a Windows DC: no service installed

I'm trying to install a NxLog collector on a Graylog client machine. The Graylog and associated infra (elastic and mongodb) is running just fine. The install client is a Windows Server 2019 DC ("secondary"/"agent"/"respondent"? the not master new…
1
vote
1 answer

graylog 4.0 - Injector could not be created

Trying to set up graylog with official graylog2.graylog ansible role. Installed Elasticsearch (v7.10.2) cluster on three separate servers with official elasticsearch ansible role (node_1 - master, node_2 and node_3 - data) - no problems so far. When…
Drew
1
vote
0 answers

GELF json logs stop arriving on graylog after some time from nginx proxy in docker

Hmm... where to start... I've got an application stack (running in docker swarm), with nginx as proxy in front. I've got json-formatted logs, being sent to graylog via gelf. Container system is alpine 3.11.5 and nginx version is 1.17.10 nginx.conf…
zaw
0
votes
1 answer

Grok filter for Cisco ASA

How can I get port from Cisco ASA syslog using grok pattern? I have tried some methods and it's not working. We are using graylog for collecting log data. Eg Log: %ASA-6-301014: Teardown TCP connection 1846898154 for Vodafone:107.23.89.178/443…
0
votes
1 answer

GrayLog, can not see any logs

I install it as: $ docker run --name mongo -d mongo:3 $ docker run --name elasticsearch -p 9200:9200 -p 9300:9300 \ -e ES_JAVA_OPTS="-Xms2g -Xmx4g" \ -e "discovery.type=single-node" -e "xpack.security.enabled=false" \ -e…
ses
0
votes
1 answer

Mapping fields from a beats log message in graylog

This is a slightly rephrased version of: Who is eating my fields? (or: how do I get more of the custom fields from my beats message into graylog) I am using filebeat to collect logs from a bunch of docker containers, and then ship them to a…
rmalchow
0
votes
1 answer

NXLog TLS configuration

I am trying to send logs using nxlog installed on a windows server to graylog server using TLS. I have created a self signed certificate. My question is, if I set AllowUntrusted value to True in nxlog configuration for om_ssl module, do I have to…
0
votes
1 answer

run graylog in different port

Hi, I used openstack qcow2 format and run the graylog server. Now I can access my openstack machine only using floating public IP address and not via private internal IP address. Here when I do graylog using public IP address I get the following…
0
votes
1 answer

Any way to save Suricata alert payload?

I've followed some directions for setting up Graylog and Snort (I used Suricata however) here but it would be nice to be able to see what the Alert payload was which generated the event. An application named Snorby used to do this beautifully. You…
Server Fault
0
votes
1 answer

rsyslog upload limitation?

I use rsyslog to upload logs to my Graylog server /etc/rsyslog.conf: $InputFileName /var/log/apache-error.log $InputFileFacility apache $InputFileTag #apacheError: $InputFileStateFile apache-error $InputFileSeverity error $InputRunFileMonitor if…
Paul