Questions tagged [graylog]

Graylog is a full-featured open source log management solution.

90 questions
0 votes, 1 answer

Graylog Alert is automatically resolving itself.

Graylog v2.3.2 My goal is to have a condition raise an alert, and the alert remain open until it's marked resolved or a defined resolved condition applies. I have an alert set up and here is the condition configuration: Configuration: Alert is…
emmdee
0 votes, 1 answer

Graylog v1.1.1: Editing source IP Address to reflect the IP inside a time stamp

I wonder if you can help with the following query? I have a client (CentOS 7) server (IP 1.1.1.1) in my office that sends its logs to a CentOS 7 Syslog server (IP address 1.1.1.2). The syslog server forwards its logs to a CentOS 7 Graylog v1.1.1…
0 votes, 1 answer

Applying item template to elasticsearch

I am trying to apply an item template to my elasticsearch cluster, to deal with the issue of having fields with content longer than 32kb. I am using version 2.4.4, as this is the highest supported version in graylog. See:…
0 votes, 1 answer

Can Graylog set up an alert that triggers on a # of messages PER HOSTNAME?

I have a multi-tenant app, and I'd like to be able to have Graylog alert on things per tenant (essentially per hostname). So for example, rather than just doing this (which would aggregate data across all tenants): Alert when more than 10 messages…
Keith Palmer Jr.
0 votes, 1 answer

Does Graylog2 monitor services and hard disks like Icinga2?

We have graylog2 set up to monitor the syslogs, etc. However we're wondering if we can use it to monitor the different services, if they're down or not, if the hard disk is filling up. Does it provide such features? Or will we have to install…
Pat
0 votes, 1 answer

Graylog stream getting events, but is empty

I've started sending Palo Alto logs to Graylog, and a stream rule picks them out by matching "Palo Alto" in a "tags" field (which is how all my stream rules are; a front-end Logstash instance does the tagging before shipping to Graylog). I know the…
armani
0 votes, 2 answers

Is it safe to delete Graylog Indexes

ElastiCache Cluster was in red state. Below is the output of cluster health Status { "cluster_name" : "graylog", "status" : "red", "timed_out" : false, "number_of_nodes" : 1, "number_of_data_nodes" : 1, "active_primary_shards" : 0, "active_shards" :…
tessie
0 votes, 1 answer

502 Bad Gateway graylog

I am using nginx as a reverse proxy. graylog uri conf graylog.conf: rest_listen_uri= http://127.0.0.1:9000/ rest_transport_uri = http://192.168.1.1:9000/api/ nginx.conf: server { server_name graylog.example.in; listen 80…
tessie
0 votes, 1 answer

elasticsearch: limiting disk space

I'm using elasticsearch in conjunction with Graylog. Is there a way to limit the size of the elasticsearch database, possibly using a round-robin database approach for the logs? My setup is relatively small (~100GiB database), and I'm aware that…
watain
0 votes, 1 answer

Graylog alert on unique email addresses?

We are trying to figure out if there is a way to create a stream/alert that will detect when an email address has been in a log more than X times. From what we can tell I can only count the total number of messages that match the stream. For…
tweeks200
0 votes, 2 answers

Rsyslog output in GELF

rsyslog is powerful, but its docs aren't that explicit. I can't figure out how to parse a log file and route it directly to Graylog in GELF format. I have found bits of documentation about outputting GELF in rsyslog but I'm not sure how to proceed.…
Buzut
0 votes, 3 answers

graylog-web 1.3 port change

I've just set up graylog server on my ubuntu server using the apt-get feature. Graylog is currently working with no issues, but I would like to change the port from 9000 to port 80/443. I can't seem to find any documentation on how to do that!
Yusof
0 votes, 1 answer

Graylog How do I include message data in alert email?

I am having trouble adding relevant information to the alert emails sent from Graylog. I would like to include the actual log message that generated the email alert in the actual email alert. I am attempting to use the "message" variables does seem…
Blake
0 votes, 1 answer

NXLog unable to read complete .csv file

I try to work out why NXLog can't read the complete .csf file which has the same name but gets edited every 12 hours by windows for an export. conf file of NXLog: #define ROOT C:\Program Files\nxlog define ROOT C:\Program Files (x86)\nxlog Moduledir…
Alex
0 votes, 1 answer

Graylog2 log submit authentication

I'm testing Graylog2 as our central log management tool for our applications. Is there a way to secure the log submit process? If we only use graylog2 in our local environment it's not a big deal to secure the submit process through some firewall…
take