We had a Docker installation of Graylog 2.4, hooked up to an AWS Elasticsearch cluster. We recently upgraded to using the Graylog 2.5 image, and have been having issues since. Graylog indicates it is Loading... all over the place. We cannot pause the node which is hung on Loading throughput, getting an error graylog could not pause message processing in node. Other pages are slow or do not load at all. Our Elasticsearch cluster is reporting all operations normal, as well as Graylog’s system -> overview page. In the meantime, we are receiving all of our logs correctly.
We aren’t using any scripts to talk to the graylog API, so the added header in 2.5 should not be an issue as far as I know.
It seems this was set up so we can only capture Docker logs, though I’m hoping to get bundled process logging setup here soon.
Docker logs have a few graylog errors caused by java’s SocketTImeoutException when interacting with the graylog api, but I haven’t found much more information than that.
how should anybode without access to your system help you with this description?
Check the logs - read, the logs try to understand the reason for the messages you see. If you do not get that, post this message to this community and maybe someone else is able to help you.
Did you check the system metrics?
Are you saying you have one Graylog node, or are there multiple? I ask because later on you write:
We cannot pause the node which is hung on
Loading throughput
This suggests there are multiple nodes and you cannot pause one particular one.
It seems this was set up so we can only capture Docker logs,
I assume that you meant to write this differently, because “it seems” implies that you don’t know whether this was done or not.
Docker logs have a few graylog errors caused by java’s
SocketTImeoutExceptionwhen interacting with the graylog api, but I haven’t found much more information than that.
The thing is, I do believe that using the GUI also kind of relies upon the API. So if the API doesn’t work properly, then the Graylog GUI will also bork.
Now…
You say you switched between Docker images. I am not familiar with the Graylog docker images, neither the official ones, nor any unofficial ones. For the images you’re using: where is MongoDB housed? Is the config data + Mongo part of the Docker images? Or is it elsewhere? I ask, because I assume that with an upgrade of an existing environment you will also need to re-use the old configuration data (from 2.4) which will then get massaged and updated by the new 2.5 Graylog to make things work.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.