Elasticsearch Cluster Unavailable on Graylog version 2.2.3


(Zer0l Pt) #1

I’ve installed what seems to be the newest version (2.2.3) with Elasticsearch 2.4.4 but when I access the web interface I get this annoying error that I’ve been trying to fix for a while now.

Here is my Elasticsearch log.
https://pastebin.com/S1QGpgdV

And here is the curl result:

"cluster_name" : "graylog-development",
  "status" : "green",
  "timed_out" : false,
  "number_of_nodes" : 1,
  "number_of_data_nodes" : 1,
  "active_primary_shards" : 0,
  "active_shards" : 0,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 0,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 100.

The Elasticsearch cluster name is already the same as the Graylog one.


(Jochen) #2

How did you install and configure Graylog? Please post the complete configuration files.
Which error message do you see?


(Zer0l Pt) #3

I used the .deb file from the site to install Graylog on a VSphere Client.

Elasticsearch Configuration:
https://pastebin.com/zqbHe8Vs

Graylog2 Configuration:
https://pastebin.com/ybZSBLKJ

And this is the error I’m getting:
“Elasticsearch cluster unavailable
Graylog could not successfully connect to the Elasticsearch cluster. If you’re using multicast, check that it is working in your network and that Elasticsearch is accessible. Also check that the cluster name setting is correct. Read how to fix this in the Elasticsearch setup documentation.”


(Jochen) #4

Which DEB package exactly?

This configuration file looks very strange. It contains, as it seems, some shell commands (which aren’t valid configuration settings…) and some important settings (like the ones for the web interface) are missing.

Where did you get that from?

Additionally, you shouldn’t use the same node name for the Elasticsearch node and Graylog, since that makes identifying them in the logs much harder.

Is 192.168.217.67 the correct IP address of the machine hosting Elasticsearch and is the machine hosting Graylog allowed to access 192.168.217.67:9300?
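
The two checks raised by the error message and the reply above (matching cluster name, reachability of the transport port 9300), as an added example that is not part of the original thread. The config fragments are constructed rather than taken from the pastebin files; the key names assumed are Elasticsearch's `cluster.name` and Graylog 2.x's `elasticsearch_cluster_name` and `elasticsearch_discovery_zen_ping_unicast_hosts`.

```python
import socket

# Constructed sample fragments (not the poster's pastebin files).
ES_YML = """
cluster.name: graylog-development
network.host: 192.168.217.67
"""
GRAYLOG_CONF = """
# constructed Graylog server.conf fragment
elasticsearch_cluster_name = graylog
elasticsearch_discovery_zen_ping_unicast_hosts = 192.168.217.67:9300
"""

def parse_kv(text, sep):
    """Parse flat 'key<sep>value' lines, skipping blanks and # comments."""
    out = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or sep not in line:
            continue
        key, value = line.split(sep, 1)
        out[key.strip()] = value.strip().strip('"')
    return out

def tcp_reachable(host, port, timeout=3.0):
    """True if a TCP connection to host:port can be opened."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def check(es_yml, graylog_conf, probe=tcp_reachable):
    """Return a list of findings; an empty list means both checks passed."""
    es, gl = parse_kv(es_yml, ":"), parse_kv(graylog_conf, "=")
    findings = []
    es_cluster = es.get("cluster.name", "elasticsearch")          # Elasticsearch default
    gl_cluster = gl.get("elasticsearch_cluster_name", "graylog")  # Graylog 2.x default
    if es_cluster != gl_cluster:
        findings.append(f"cluster name mismatch: Elasticsearch={es_cluster!r} Graylog={gl_cluster!r}")
    hosts = gl.get("elasticsearch_discovery_zen_ping_unicast_hosts", "")
    for entry in filter(None, (h.strip() for h in hosts.split(","))):
        host, _, port = entry.rpartition(":")
        if not host:                       # entry given without a port
            host, port = entry, "9300"
        if not probe(host, int(port)):
            findings.append(f"cannot reach Elasticsearch transport at {host}:{port}")
    return findings

if __name__ == "__main__":
    # Stub probe keeps the demo offline; drop the argument to test the real network.
    print("\n".join(check(ES_YML, GRAYLOG_CONF, probe=lambda h, p: False)))
```

Run it on the Graylog host, so that the probe follows the same network path Graylog itself uses to reach Elasticsearch.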


(Zer0l Pt) #5

It was not a DEB file but an OVA file, my bad. https://packages.graylog2.org/appliances/ova

I installed Elasticsearch from a DEB file: https://www.elastic.co/downloads/past-releases/elasticsearch-2-4-4

The configuration file came with the installation.

In the tutorial I used they were actually saying to use the same node name but I’m guessing that’s wrong. (?)

I actually tried to put a different name but the problem still persists.


(Jochen) #6

That tutorial is old and incorrect for Graylog 2.x.

Please start with a fresh VM and either use the prepared OVA or follow the documentation for installing Graylog from the DEB packages on Ubuntu Linux.

DEB packages: http://docs.graylog.org/en/2.2/pages/installation/os/ubuntu.html

OVA:

