Failed to load SIGAR

(Charles Deng) #1

Hi Team,

I have cloned a local graylog 3.0.2 and run it in the IntelliJ IDEA, all OK but there is a event of “Failed to load SIGAR” in the running logs being marked in red as the following picture of screen:

Did this relate to that the server does not found the “plugin” directory(although the AWS, Collector and Threat Intelligence plugins were loaded correctly) ? how to fix this ?

Thanks in advance.
–charles

(Jan Doberstein) #2

please be more verbose - how did you setup Graylog? What have you done exactly?

(Charles Deng) #3

Hi Jan,

what i have done:

create a file 3.0.2.json with following content:

{
 "modules": [
   {
     "repository": "git@github.com:Graylog2/graylog2-server.git",
     "revision": "3.0.2",
     "server": true,
     "submodules": [
       {
         "path": "graylog2-server"
       },
       {
         "path": "graylog2-web-interface"
       }
     ]
   },
   {
     "repository": "git@github.com:Graylog2/graylog-plugin-collector.git",
     "revision": "3.0.2",
     "assemblies": ["graylog"]
   },
   {
     "repository": "git@github.com:Graylog2/graylog-plugin-aws.git",
     "revision": "3.0.2",
     "assemblies": ["graylog"]
   },
   {
     "repository": "git@github.com:Graylog2/graylog-plugin-threatintel.git",
     "revision": "3.0.2",
     "assemblies": ["graylog"]
   }
 ]
}

clone the 3.0.2 release by:

graylog-project bootstrap https://github.com/Graylog2/graylog-project.git -m ../3.0.2.json
mv 3.0.2.json graylog-project/manifests
echo "{\"files\":[\"manifests/3.0.2.json\"]}">graylog-project/.graylog-project-manifest-state
cd graylog-project
graylog-project gv --set=3.0.2
mvn clean

compile it:

mvn compile

under the directory graylog-project-repos/graylog2-server/, i have created a sub directory, where i put my server.conf , node-id and pem files.

mkdir conf

my server.conf just modified from a live configuration, i have replaced some sensitive info with “***”:

is_master = true
node_id_file = conf/node-id
password_secret = ***
root_username = admin
root_password_sha2 = ***
root_email = ***
root_timezone = Asia/Shanghai
bin_dir = bin
data_dir = data
plugin_dir = plugin
http_bind_address = gl1.mylogs.com:9000
http_enable_tls = true
http_tls_cert_file = conf/web-cert.pem
http_tls_key_file = conf/web-key.pem
# the self-signed CA certifcate have been added to system and java keystore
trusted_proxies = 192.168.1.14/31
http_publish_uri = https://gl1.mylogs.com:9000/
http_external_uri = https://gl1.mylogs.com:9000/
http_enable_cors = true
http_enable_gzip = true
http_max_header_size = 8192
http_thread_pool_size = 16
http_connect_timeout = 5s
http_read_timeout = 10s
http_write_timeout = 10s
output_batch_size = 1000
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 20
outputbuffer_processors = 6
processbuffer_processors = 20
outputbuffer_processors = 6
outputbuffer_processor_keep_alive_time = 5000
processbuffer_processors = 20
outputbuffer_processors = 6
outputbuffer_processor_keep_alive_time = 5000
outputbuffer_processor_threads_core_pool_size = 3
outputbuffer_processor_threads_max_pool_size = 30
output_module_timeout = 10000
udp_recvbuffer_sizes = 1048576
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = conf/journal
message_journal_max_age = 12h
message_journal_max_size = 50gb
message_journal_flush_age = 1m
message_journal_flush_interval = 1000000
message_journal_segment_age = 1h
message_journal_segment_size = 100mb
async_eventbus_processors = 2
lb_recognition_period_seconds = 3
lb_throttle_threshold_percentage = 95
proxied_requests_thread_pool_size = 32
stream_processing_timeout = 2000
stream_processing_max_faults = 3
alert_check_interval = 60
stale_master_timeout = 2000
shutdown_timeout = 30000
elasticsearch_hosts = https://graylog:***@es1.mylogs.com:9200
elasticsearch_connect_timeout = 10s
elasticsearch_socket_timeout = 60s
#elasticsearch_idle_timeout = -1s
elasticsearch_max_total_connections = 20
elasticsearch_max_total_connections_per_route = 2
elasticsearch_max_retries = 2
elasticsearch_discovery_enabled = false
elasticsearch_discovery_frequency = 30s
elasticsearch_compression_enabled = false
elasticsearch_index_prefix = graylog
elasticsearch_template_name = graylog-internal
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_size_per_index = 1073741824
elasticsearch_max_time_per_index = 1d
elasticsearch_disable_version_check = false
no_retention = false
elasticsearch_max_number_of_indices = 30
retention_strategy = close
elasticsearch_shards = 1
elasticsearch_replicas = 0
disable_index_optimization = false
index_optimization_max_num_segments = 1
elasticsearch_index_optimization_timeout = 1h
elasticsearch_index_optimization_jobs = 20
index_ranges_cleanup_interval = 1h
index_field_type_periodical_interval = 1h
allow_leading_wildcard_searches = false
allow_highlighting = true
elasticsearch_analyzer = standard
elasticsearch_request_timeout = 1m
mongodb_uri = mongodb://graylog:***@mg1.mylogs.com/graylog?authSource=admin&&ssl=true
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
integrations_web_interface_uri = https://gl1.mylogs.com:9000
integrations_scripts_dir = scripts
gc_warning_threshold = 1s
ldap_connection_timeout = 2000
disable_sigar = false
dashboard_widget_default_cache_time = 10s

and then i import the graylog-project. i have Node.js and yarn already installed in my system. so my runner configured as:



also i had modified some settings of IntelliJ IDEA:
image

at last, i build and run from intelliJ IDEA…

Thanks.
charles.