Could not execute search after new installation

Graylog Central (peer support)
1

Hi,
I followed the instructions as defined in -
http://docs.graylog.org/en/2.2/pages/installation/os/ubuntu.html
When I open the Web interface I am getting -

Error Message:
    blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized];: cannot GET http://x.x.x.x:9000/api/search/universal/relative?query=%2A&range=300&limit=150&sort=timestamp%3Adesc (500)
Search status code:
    500

In the log file I see the following error :-

2017-03-26T17:13:55.100+01:00 ERROR [CmdLineTool] Invalid configuration
com.github.joschi.jadconfig.ValidationException: The minimum length for "password_secret" is 16 characters.
        at org.graylog2.Configuration.validatePasswordSecret(Configuration.java:326) ~[graylog.jar:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
        at com.github.joschi.jadconfig.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:53) ~[graylog.jar:?]
        at com.github.joschi.jadconfig.JadConfig.invokeValidatorMethods(JadConfig.java:221) ~[graylog.jar:?]
        at com.github.joschi.jadconfig.JadConfig.process(JadConfig.java:100) ~[graylog.jar:?]
        at org.graylog2.bootstrap.CmdLineTool.processConfiguration(CmdLineTool.java:351) [graylog.jar:?]
        at org.graylog2.bootstrap.CmdLineTool.readConfiguration(CmdLineTool.java:344) [graylog.jar:?]
        at org.graylog2.bootstrap.CmdLineTool.run(CmdLineTool.java:177) [graylog.jar:?]
        at org.graylog2.bootstrap.Main.main(Main.java:44) [graylog.jar:?]

However in the config file I used the command pwgen -N 1 -s 96, Therefore, the password_secret is 96 characters long so well exceeds the minimum of 16.

What have I done wrong?

2

You need set the password with the minimum of 16 characters… After set, you graylog will Start.
Have Fun!

3

Hi,Thanks for the reply. The password has 96 characters. As the example showed.

Regards IanMailto: ian@bultitude.orgPhone: +44 7785 532 628Sent from my Samsung device

4

@IBulti

you should double check - might be that you have set that setting twice.

5

96 characters!!! OMG… Put 20 and see if works.

6

Hi rafaelcarsetimo,

Well I tried that and still no joy.

I have just looked at the Office system and the sting is about 130.

Thanks for your time.

7

Thanks jan,

but it is only in there once.

I can send you the file if you want. (personal data & IP addresses removed)

8

I think you’re hunting ghosts. If the password_secret really was invalid (i. e. less than 16 characters long), Graylog wouldn’t start and you wouldn’t be able to connect to the web interface.

Please post the complete logs of your Graylog and Elasticsearch nodes.

9

Hi jochen

I have tried to post the server log file directly on the website but it is BIG. unfortunately I was unable to upload it as a file.

There does not appear to be any log file for Elasticsearch at least not in /var/log/elasticsearch.

This sounds like a clue. I am wondering if this is the problem and not Graylog?

10

Hi jochen,

How can I get the log file to you? Can I PM you or something with a file attached?

11

Please use services like https://0bin.net, http://pastebin.com, or https://gist.github.com for sharing these logs.

12

That’s odd. Are you sure that Elasticsearch is running?

13

Hi jochen,

Thanks but I still seem to hit size limit. The file is about 4.6M. I tried to zip it but that is not accepted.

Sorry I am very new to this sort of thing.

Thanks for your help.

Regards

Ian

mailto:ian@bultitude.org

14

Hi jochen,

Hmm no it would not appear to be.

ps ax | grep -i elasticsearch

30658 pts/17 S+ 0:00 grep --color=auto -i elasticsearch

here is the config file may be I have got it wrong.

##################### Elasticsearch Configuration Example #####################
# This file contains an overview of various configuration settings,
# targeted at operations staff. Application developers should
# consult the guide at <http://elasticsearch.org/guide>.
15

Hi jochen,

Fingers crossed. The file I think is on at:-

Regards

Ian

16

This looks empty…

The logs stop at 2017-03-27 and it’s obviously waiting for Elasticsearch to come up. So try fixing your Elasticsearch setup and Graylog should be fine.

17

Hi jochen,

Thanks again for your time,

Are you saying the file was blank?

Which file the log file or the Elasticsearch config file?

Would it help if I setup a TeamViewer session with you?

Regards Ian

18

You’ve posted only 3 lines of your Elasticsearch configuration. If that’s your complete configuration, that’s the problem.

See http://docs.graylog.org/en/2.2/pages/configuration/file_location.html#deb-package for the relevant file locations and http://docs.graylog.org/en/2.2/pages/configuration/elasticsearch.html for information about how to configure Elasticsearch.

Unless you’re buying professional support, definitely no.

19

Ah!

Hi jochen,

No that is not the full file then!!!

let’s try again.

##################### Elasticsearch Configuration Example #####################

 

# This file contains an overview of various configuration settings,

# targeted at operations staff. Application developers should

# consult the guide at <http://elasticsearch.org/guide>.
20

It’s the same 4 lines again, all of which are comments.

As I said before, if this is your whole Elasticsearch configuration, you’re missing some important settings.