Hello,
This is my first time with Graylog. I set up 4 servers (1 Mongo Replica set, 1 cluster elasticsearch composed of 2 servers and 2 graylog). When I connect to my Graylog web interface and when I create a simple input, I don’t receive log. Note that when I use tcpdump on the interface of graylog I see all the packets I send.
In the “System / Overview” tab -> “Overview” I got this error :
Deflector exists as an index and is not an alias.
The deflector is meant to be an alias but exists as an index. Multiple failures of infrastructure can lead to this. Your messages are still indexed but searches and all maintenance tasks will fail or produce incorrect results. It is strongly recommend that you act as soon as possible.
I tried last week to resolve this issue. I used this command :
curl -XDELETE http://localhost:9200/graylog_*/
and add this in elasticsearch.yml : action.auto_create_index: false
But after this I have this message : 2 minutes ago graylog_deflector 91344300-6740-11e9-8366-005056952112 “IndexMissingException[[graylog_deflector] missing]”
I don’ t know how to resolve this. I uninstall some files, graylog to back at the begining. Can someone help me with this ?
Thanks