Graylog dashboard not loading due stream and indices errors

deepakkumardubey · May 21, 2021, 12:51am

Hi Friends,

Can you please help me to resolve my graylog dashboard error.

Getting below errors in the logs.

ERROR: org.graylog2.security.realm.LdapUserAuthenticator - LDAP error
org.apache.directory.api.ldap.model.exception.LdapAuthenticationException:

org.graylog2.indexer.fieldtypes.IndexFieldTypePollerPeriodical - Cluster not connected yet, delaying index field type initialization until it is reachable

org.graylog2.periodical.IndexRetentionThread - Elasticsearch cluster not available, skipping index retention checks.

org.graylog2.indexer.cluster.Cluster - Couldn’t read cluster health for indices [graylog_, gl-events_, gl-system-events_, abc-accesslogs-full_, is02_1y_*] (Connection reset)

What could be the reason for above errors and what steps we can perform to resolve this issue.

Regards,
Deepak

gsmith · May 21, 2021, 4:05am

Hello,

By chance was this an upgrade? Or is this a fresh install? The reason I’m asking is that there was some changes with LDAP on GL4.

Did you check is elasticsearch service is running?

systemctl status elasticsearch

What do you see if you execute this?

curl -XGET http://GRAYLOG-SERVER:9200/_cluster/health?pretty=true

deepakkumardubey · May 21, 2021, 4:16am

Hi Smith,

This was upgrade,we have configured it on docker.

It showing gree for ES.
curl -XGET http://10.24.220.104:9200/_cluster/health?pretty=true
{
“cluster_name” : “docker-cluster”,
“status” : “green”,
“timed_out” : false,
“number_of_nodes” : 1,
“number_of_data_nodes” : 1,
“active_primary_shards” : 98,
“active_shards” : 98,
“relocating_shards” : 0,
“initializing_shards” : 0,
“unassigned_shards” : 0,
“delayed_unassigned_shards” : 0,
“number_of_pending_tasks” : 0,
“number_of_in_flight_fetch” : 0,
“task_max_waiting_in_queue_millis” : 0,
“active_shards_percent_as_number” : 100.0

gsmith · May 21, 2021, 4:26am

Kind of thought those error’s looked familiar. Because of the new permission for Graylog 4 we had to redo our Authentication Service’s “Active Dircetory” after upgrade from GL 3.3.x to GL 4.0. First I had to log into Graylog with the default credentials, then reset the Active Authentication Service. Only took a couple minutes. If its only for one dashboard I would look into all the service logs.

What does you service MongoDb look like?

Systemctl status mongod

I’m not to famialer with Docker.

deepakkumardubey · May 21, 2021, 4:33am

Yes, mongodb connected with ES, it’s also hosted on docker

gsmith · May 21, 2021, 4:36am

Sorry I’m not familiar with docker, but I know other people in here that is. If you could show you configurations they would be able to help you better. Basically what does your environment look like.

deepakkumardubey · May 21, 2021, 4:37am

It’s Graylog which is running on topup of docker. We have create mongodb , ES and grafana through compose file.

system · June 4, 2021, 4:38am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.