Could not execute search after new installation


(Ian Bultitude) #1

Hi,
I followed the instructions as defined in -
http://docs.graylog.org/en/2.2/pages/installation/os/ubuntu.html
When I open the Web interface I am getting -

Error Message:
    blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized];: cannot GET http://x.x.x.x:9000/api/search/universal/relative?query=%2A&range=300&limit=150&sort=timestamp%3Adesc (500)
Search status code:
    500

In the log file I see the following error :-

2017-03-26T17:13:55.100+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: The minimum length for "password_secret" is 16 characters.
        at org.graylog2.Configuration.validatePasswordSecret(Configuration.java:326) ~[graylog.jar:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
        at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
        at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:221) ~[graylog.jar:?]
        at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:100) ~[graylog.jar:?]
        at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:351) [graylog.jar:?]
        at org.graylog2.bootstrap.CmdLineTool.readConfiguration(CmdLineTool.java:344) [graylog.jar:?]
        at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:177) [graylog.jar:?]
        at org.graylog2.bootstrap.Main.main(Main.java:44) [graylog.jar:?]

However in the config file I used the command pwgen -N 1 -s 96, Therefore, the password_secret is 96 characters long so well exceeds the minimum of 16.

What have I done wrong?


(Rafaelcarsetimo) #2

You need set the password with the minimum of 16 characters… After set, you graylog will Start.
Have Fun!


(Ian Bultitude) #3

Hi,Thanks for the reply. The password has 96 characters. As the example showed.

Regards IanMailto: ian@bultitude.orgPhone: +44 7785 532 628Sent from my Samsung device


(Jan Doberstein) #4

@IBulti

you should double check - might be that you have set that setting twice.


(Rafaelcarsetimo) #5

96 characters!!! OMG… Put 20 and see if works.


(Ian Bultitude) #6

Hi rafaelcarsetimo,

Well I tried that and still no joy.

I have just looked at the Office system and the sting is about 130.

Thanks for your time.


(Ian Bultitude) #7

Thanks jan,

but it is only in there once.

I can send you the file if you want. (personal data & IP addresses removed)


(Jochen) #8

I think you’re hunting ghosts. If the password_secret really was invalid (i. e. less than 16 characters long), Graylog wouldn’t start and you wouldn’t be able to connect to the web interface.

Please post the complete logs of your Graylog and Elasticsearch nodes.


(Ian Bultitude) #9

Hi jochen

I have tried to post the server log file directly on the website but it is BIG. unfortunately I was unable to upload it as a file.

There does not appear to be any log file for Elasticsearch at least not in /var/log/elasticsearch.

This sounds like a clue. I am wondering if this is the problem and not Graylog?


(Ian Bultitude) #10

Hi jochen,

How can I get the log file to you? Can I PM you or something with a file attached?


(Jochen) #11

Please use services like https://0bin.net, http://pastebin.com, or https://gist.github.com for sharing these logs.


(Jochen) #12

That’s odd. Are you sure that Elasticsearch is running?


(Ian Bultitude) #13

Hi jochen,

Thanks but I still seem to hit size limit. The file is about 4.6M. I tried to zip it but that is not accepted.

Sorry I am very new to this sort of thing.

Thanks for your help.

Regards

Ian

mailto:ian@bultitude.org


(Ian Bultitude) #14

Hi jochen,

Hmm no it would not appear to be.

ps ax | grep -i elasticsearch

30658 pts/17 S+ 0:00 grep --color=auto -i elasticsearch

here is the config file may be I have got it wrong.

##################### Elasticsearch Configuration Example #####################
# This file contains an overview of various configuration settings,
# targeted at operations staff. Application developers should
# consult the guide at <http://elasticsearch.org/guide>.

(Ian Bultitude) #15

Hi jochen,

Fingers crossed. The file I think is on at:-

Regards

Ian


(Jochen) #16

This looks empty…

The logs stop at 2017-03-27 and it’s obviously waiting for Elasticsearch to come up. So try fixing your Elasticsearch setup and Graylog should be fine.


(Ian Bultitude) #17

Hi jochen,

Thanks again for your time,

Are you saying the file was blank?

Which file the log file or the Elasticsearch config file?

Would it help if I setup a TeamViewer session with you?

Regards Ian


(Jochen) #18

You’ve posted only 3 lines of your Elasticsearch configuration. If that’s your complete configuration, that’s the problem.

See http://docs.graylog.org/en/2.2/pages/configuration/file_location.html#deb-package for the relevant file locations and http://docs.graylog.org/en/2.2/pages/configuration/elasticsearch.html for information about how to configure Elasticsearch.

Unless you’re buying professional support, definitely no.


(Ian Bultitude) #19

Ah!

Hi jochen,

No that is not the full file then!!!

let’s try again.

##################### Elasticsearch Configuration Example #####################

 

# This file contains an overview of various configuration settings,

# targeted at operations staff. Application developers should

# consult the guide at <http://elasticsearch.org/guide>.

(Jochen) #20

It’s the same 4 lines again, all of which are comments.

As I said before, if this is your whole Elasticsearch configuration, you’re missing some important settings.