Graylog could not load field information: 500

Hello. First, thank you for what all of you do for the community.

I have an issue with Graylog communicating with my elasticsearch node.
I have Graylog and elasticsearch running on a single box for testing. I installed it manually onto an Ubuntu system, so it’s not a VM. It’s been working fine until recently when I tried to search my logs.

suddenly the logs are no longer displaying and I get the following error message: “cannot GET http://192.168.2.131:9000/api/search/universal/relative?query=gl2_source_collector%3Ad796ba21-6c8e-466d-a3c9-6ac8129545e3&range=604800&limit=150&sort=timestamp%3Adesc (500)”

Here’s my graylog.conf setup:

is_master: true
node_id_file = /etc/graylog/server/node-id
password_secret =xxxxxxxx
root_password_sha2 =xxxxxxxx
root_timezone = UTC (by the way if anyone knows how to change this to California or Pacific time that would be awesome)
bin_dir = /usr/share-graylog-server/bin
http_bind_address = 192.168.2.131:9000
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
allow_highlighting = false
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://localhost/graylog
mongodb_max_connections = 1000
mongodb_threads_allowed_to_block_multiplier = 5
proxied_requests_thread_pool_size = 32

Here’s my Elasticsearch.yml info:

cluster.name: greylog
action.auto_create_index: false
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch

Attached is my graylog.log screenshot

Screenshot from 2019-05-03 16-44-51.png1123×961 240 KB

are you sure elasticsearch is running - Graylog tries to connect on localhost port 9200 what is the default but Graylog isn’t connected to elasticsearch.

Hello Jan.
Sorry for the late reply,

Yes Elasticsearch was running, but whenever I would go to “Show Messages” from my sidecar overview page, it would give the error messages I provided. Then when I would run “service elasticsearch status” it would show that it was not active in an error state. So something was crashing elasticsearch or causing it to stop running.

Good news is that I was able to run updates on my Ubuntu system this morning and now Elasticsearch is back up and running. So, it would seem that Ubuntu just needed to be updated…or perhaps Java needed to be updated.

Thank you for your help, though

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.