Questions tagged [graylog]

Graylog is an integrated Open Source log capture and analysis solution for operational intelligence.

Non Graylog-authored components include MongoDB for metadata and Elasticsearch for log file storage and text search.

Basically, it is a server that collects log messages and provides an interface for analysis and monitoring.

Architectural view

Messages (logs) are only stored in Elasticsearch. If we have data loss on Elasticsearch, the messages are gone.

MongoDB is only storing meta information and will be abstracted with a general database layer in future versions. This will allow you to use other databases like MySQL instead.

321 questions

4 votes, 1 answer

graylog mongodb configuration with user password on docker-compose

I'm trying to set a mongodb user password when making a docker-compose file for graylog. But I can't set up the user and the password correctly. Here is my docker-compose.yml: version: '2' services: # MongoDB: https://hub.docker.com/_/mongo/ …
Bussiere

4 votes, 1 answer

How to configure Graylog Plugin on bootstrap (non interactive)?

I setup a Graylog server based on the official Graylog 3 Docker image and added the SSO plugin. In principle it works but I have to configure the SSO headers using the UI after each container start. I see the options to configure Graylog itself…
Arne Burmeister

4 votes, 2 answers

Lower log level for Quartz

I am using Serilog in my .NETCore servers with several sinks such as console, file and graylog (GELF) for my cloud deployments. As soon as I set the log-level to DEBUG I get messages from the quartz scheduler thread every few seconds. How can I turn…
ThommyB

4 votes, 1 answer

Graylog: Move configuration of graylog between environments

I'm looking for a solution for moving configuration from test environment to prod environment for graylog. Once I configure inputs and streams on test environment I would like to easily move this configuration to production. Doing it manually can produce…
Piotr

4 votes, 1 answer

How to import old log files to graylog as input?

I am able to set up graylog-server and graylog-web and able to set up input for generated log of apache2, tomcat and other applications with the help of graylog-collector e.g. apache-access { type = "file" path =…
Alok

3 votes, 1 answer

Error while parsing the container logs using Filebeat

I have created a daemonset of filebeat on azure kubernetes to collect the logs and ingest on Graylog but seems like there is a parsing error related to parsing which I am not able to figure out. Kindly help me out. I got the code from…
Docgyan

3 votes, 2 answers

Graylog in Docker persistent

I'm trying to make a Graylog Docker Container persistent. Meaning that after restarting (docker-compose down; docker-compose up) the logs will still be there alongside the configuration. I've used the documentation at…

3 votes, 1 answer

Graylog Search with strings containing /

I have logs which contain in full_message; -EndPoint:example/example/abc -EndPoint:example/example/qfdsf -EndPoint:example/example .. and so on I am trying to write a search query to just get -EndPoint:example/example. "-EndPoint:example/example"…
Kaan

3 votes, 2 answers

How to Update Graylog version in docker

I am new to graylog, I have installed graylog in docker and after installing it I observed 2 notifications one is related to Graylog Upgrade. Can someone tell me how to update it using docker commands? Note: First I need to take a backup of my data…
Dinesh Reddy Alla

3 votes, 0 answers

How to configure a syslog TLS input in Graylog2

I have two servers, a production server and a monitoring server. On the monitoring server I have Graylog2 installed (version 2.3.2). Before I passed the logs between the two servers in UDP. With this config: Production server…
gspohu

3 votes, 2 answers

Graylog Collector Connection Refused

I am trying to create a Graylog Server - Graylog Collector setup, where the graylog collector collects the syslog files on one machine and ships them to the server. I have used the AWS AMI to create the Graylog Server and it is working as…
Seán

3 votes, 1 answer

unable to send messages to graylog server using logstash

I am using logstash to send messages to graylog server. I have been successful in sending messages directly to elasticsearch or stdout or loggly. I have also been successful in sending messages to graylog server using cURL. curl -XPOST…
user868643

3 votes, 2 answers

Graylog2 Stream filter rule

I've got a graylog server setup and working. (version 0.9.6, with web interface). I have a stream for log entries with severity NOTICE or higher. I want to add a filter rule to that stream which filters out all the entries with the word nagios in…
user520476

2 votes, 0 answers

FluentBit: Where does field in logs for pod come from?

I have a k8s cluster with a configured fluent-bit logger. Configuration of fluent-bit: custom_parsers.conf: | [PARSER] Name docker_no_time Format json Time_Keep Off Time_Key time Time_Format…

2 votes, 1 answer

How to search Graylog with a partial Text match

The wildcards seem to only apply to non-string literals and text. I want to match the text on a partial match. Example: source: org.*.application-* AND "*.pdf" The wildcard works with the source param but not instead of my literal. How can I use a…
Braden Borman