Questions tagged [graylog]

Graylog is a full-featured open source log management solution.

90 questions
0
votes
1 answer

Graylog ignoring all HTTP logs

I've integrated our PHP web application using Monolog recently and added support for logging into Graylog. Until very recently I've used the Graylog VM and I've successfully logged all the information sent to it. We've now started a full-fledged…
SolarBear
  • 101
  • 2
0
votes
1 answer

execute command in ErrorLog and log to a file in parallel

I try to use apache2gelf to send my error.log information to a graylog2 server. To use that tool I have to change the ErrorLog setting to: ErrorLog "|| /path/to/errorlog2gelf.py --vhost example.com" errorlog2gelf.py itself is besides sending the…
Tobias
  • 115
  • 1
  • 7
0
votes
1 answer

Syslog info from vmware hosts to graylog are not collecting correctly

I have a graylog syslog server running on debian, running fine. I wanted to send syslogs from our VMware ESX hosts to Graylog. I point an ESX host to the syslog by doing the following: I open vSphere Client and selected my host. And then I select…
Logman
  • 445
  • 2
  • 16
  • 28
0
votes
1 answer

Stop filebeat sending copious metadata

I am sending data from local log files with filebeat to graylog and I am getting a 20x storage overhead compared to the original files. There is a large amount of metadata fields; however, I can't seem to get rid of them. I have tried many variations…
0
votes
1 answer

Multiple logging managers for different services, or one with multiple databases (graylog)

I am creating a logging infrastructure for a company with 2 unrelated services. Is it better to have: a single graylog instance that routes the logs from the two services to different elasticsearch databases or rather have two separate graylog…
0
votes
1 answer

Handle 150 req/s and 2TB of logs for 7 days of retention available by API

I would like to get advice from experienced people to build a HA infrastructure to log 2To of data in JSON format every week. I need to have a retention time of 7 days and need to be able to request these data by API. The global requirements are…
0
votes
1 answer

Graylog - data from newest indice not returned on search

I have a Graylog server (newest version) collecting data from nginx. It's been running for a while. I retrieve the collected data by querying my Elasticsearch cluster (v7 newest version) which consists of 4 nodes ATM. This all work(s/ed) fine. Now I…
OpenHaus
  • 71
  • 2
  • 6
0
votes
1 answer

Does remote logging stop local logging

I'm using a Graylog server to centralize logs from network equipment and servers and I'm wondering if the Syslog service on the switches, windows machines, and other equipment, that service still going to save logs locally or just send them remotely…
Retro_0
  • 5
  • 3
0
votes
1 answer

Graylog Email Alert Password Not Working?

I recently changed my gmail password and changed the password in server.conf as well, but now graylog's email alerting fails with: Sending the email to the following server failed : smtp.gmail.com:587 (javax.mail.AuthenticationFailedException:…
user609425
0
votes
1 answer

Graylog fails to parse nginx access_log: JsonParseException: Unexpected character ('<' (code 60))

I've followed https://github.com/ronlut/graylog-content-pack-nginx-docker and Send NGINX logs to Graylog to try to get nginx logs into a graylog 4.1.5 server. Graylog is not displaying messages because it's failing to JSON parse them.…
Felipe
  • 1
  • 1
0
votes
1 answer

Graylog does not receive logs from Docker Swarm Services

I'm new with Graylog and I'm trying to use Graylog on a Docker Container, but the logs from the other containers do not arrive on Graylog and nothing is displayed on the Graylog web interface SEARCH. What should I do to logs of the containers…
-1
votes
2 answers

graylog does not work out of the box

http://docs.graylog.org/en/3.0/pages/installation/docker.html $ docker run --name mongo -d mongo:3 $ docker run --name elasticsearch \ -e "http.host=0.0.0.0" \ -e "ES_JAVA_OPTS=-Xms512m -Xmx512m" \ -d…
ses
  • 99
  • 4
-1
votes
1 answer

Graylog CSV Export is slow after upgrade

After I upgraded from graylog version 2.2.1 to 2.4.3, the csv export became quite slow compared to the previous download rate. I have to say that I did many changes putting it behind pfsense using readonlyrest to restrict access and change to…
AHT
  • 166
  • 1
  • 7
-1
votes
1 answer

How to bind use port 514 so graylog can use as input source

How can I bind 514 so it can be used by graylog. There are examples like iptables -t nat -A PREROUTING -i eth0 -p udp -m udp --dport 514 -j REDIRECT --to-ports 5514 But what I want is to use 514 using root.
jmazaredo
  • 202
  • 5
  • 13
-1
votes
1 answer

How to install graylog application on GCP Kubernetes Cluster

I am trying to install CAdvisor Graylog on Kubernetes Cluster. For now I just need to install simple application. But when installing graylog using its documentation, I am getting this error "sub process usr bin dpkg returned an error code 1"