Questions tagged [graylog2]

Graylog2 is an open source log management tool for aggregating, filtering, alerting on, and performing analytics on syslog messages.

279 questions
101 votes, 3 answers

How to handle multiple heterogeneous inputs with Logstash?

Let's say you have 2 very different types of logs, such as technical and business logs, and you want: raw technical logs to be routed towards a graylog2 server using a gelf output, json business logs to be stored into an elasticsearch cluster using the…
David
45 votes, 2 answers

What are the main differences between Graylog2 and Kibana

What are the main differences between Graylog2 and Kibana? We already use Graylog2 but I must admit I don't really like the UI. Just wondering in case it may be helpful to switch to Kibana.
Sebastien Lorber
19 votes, 1 answer

Graylog search contains string

I need to search in my data, which is an apache2 log; I need all requests whose URL is like so: http://*&ucode=jn04 It starts with http and ends with &ucode=jn04. I tried this query: http_referer:"http*&ucode=jn04" but it doesn't work, and it gives…
Majid Abdolhosseini
13 votes, 9 answers

Automatically create UDP input for Graylog2 server running in Docker?

We're running a Graylog2 server in a Docker container in our development environment. It works like a charm apart from the fact that we have to re-create the UDP input every time we launch the container. Has anyone figured out a convenient way to…
Kimble
11 votes, 2 answers

How can I find messages in Graylog based on level (syslog severity/priority)

I'm storing data from Drupal into syslog into Graylog. I'd like to find all messages based on their severity (what Graylog seems to call level). Here's a screenshot of some messages showing the "Level" field. These all happen to be Notices, but the…
greggles
10 votes, 1 answer

Graylog2 with Symfony 2 (Monolog)

I want to use the "Monolog -> GelfHandler" in a SF2 project. So I've added the following to my composer.json: "graylog2/gelf-php": "dev-master" My SF2 config.yml: monolog: handlers: main: type: gelf publisher: …
Volker
10 votes, 1 answer

What is the use of MongoDB in GrayLog2?

GrayLog2 requires both ElasticSearch and MongoDB, while Logstash uses only ElasticSearch for persisting and searching the logs. What does mongo provide in graylog2?
Birla
9 votes, 2 answers

Sending logs to Graylog and in Gelf format

I would like to use graylog as a central logging server and currently I am just using the slf4j Logger "slf4j-api" as the Java logging framework for logging in my java application. Can I use SLF4J to send logging to Graylog? Or which additional libraries do I…
orcl user
9 votes, 1 answer

Searching for Gray Log 2 API or a way to query ElasticSearch

I have a question regarding Gray Log 2. In the company I work for, all systems report exceptions to a Gray Log server which has predefined streams. I need to build an external Dashboard which retrieves data from different streams. I haven't found any…
Vladimir Novick
8 votes, 3 answers

Graylog2 -> Is it possible to export the full_message (raw data) of a specific source? I mean the full_message, without any parsing?

I have some logs that graylog2 is receiving using the syslog input plugin. I need to export them in the same format that I received, without any parsing, so I can send them to the application support team. I have set the INPUT to keep the full_message,…
user3333673
7 votes, 0 answers

How to define docker-compose services to log into graylog

I have docker-compose.yaml as below: My problem is that stdout prints or logs written to it are appearing in graylog, but just those under the command /usr/bin/tini -- foo1.start. And when I try entering the docker container of the service…
JavaSa
7 votes, 2 answers

Increase the maximum size of log messages

I would like to increase the maximum size of message saved in graylog with elasticsearch. The maximum message size is 32 kb. So I update the mapping to remove the index on full_message: graylog-custom-mapping.json: { "template": "graylog_*", …
Paul
7 votes, 3 answers

Graylog2 - how to configure log retention to 1 week

We are using some Graylog2 servers (graylog-server version 1.3.4). Because we receive too many log messages, it requires a lot of memory. I am trying to reduce the log retention to 1 week; every log message older than 1 week will be deleted.…
SWdream
7 votes, 2 answers

ERROR: Could not successfully connect to ElasticSearch. Check that your cluster state is not RED and that ElasticSearch is running properly

I've referred to Setup a graylog2 server with elasticsearch in a vagrant machine and I have the correct version of ElasticSearch. I've also added the right options for Graylog2 and ElasticSearch as per the tutorial. ERROR: Could not successfully…
A23
7 votes, 2 answers

Searching in Graylog2 full_message

Is it possible to search in Graylog2 full messages using Quickfilter? I can successfully search in short messages, but it seems like full messages can be filtered only using streams. I need to filter old full messages and new stream is applied…
Laurynas