Graylog integration issue

Akhtar · May 1, 2025, 6:04pm

Hi
I’m integrating Graylog 5.2 with Wazuh 4.9 for a SOC PoC but facing issues connecting Graylog to the Wazuh Indexer. I’d appreciate any guidance on compatibility or workarounds. Below are the details.
Environment:

OS: Ubuntu 22.04 LTS
Wazuh: 4.9.0 (Wazuh Indexer, Manager, Dashboard)
Graylog: 5.2.11-1
MongoDB: 6.0.18

Issue: Graylog starts but fails to connect to the Wazuh Indexer, showing in /var/log/graylog-server/server.log:
2025-05-01T17:51:23.576Z ERROR [VersionProbe] Unable to retrieve version from OpenSearch/Elasticsearch node 10.10.90.110:9200: unknown error - an exception occurred while deserializing error response: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input

system · May 15, 2025, 6:05pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Problem in Connection Between Graylog and Wazuh Indexer (Opensearch Fork) Graylog Central (peer support)	4	1343	March 5, 2024
Error Parsing Wazuh data Graylog Central (peer support)	4	287	August 3, 2024
Graylog 5.0 with Wazuh Indexer Graylog Central (peer support)	12	8526	June 6, 2023
Wazuh graylog integration issue Graylog Central (peer support)	1	27	May 13, 2025
Logs not receiving on Graylog via Wazuh Manager (fluent-bit) Graylog Central (peer support)	7	1613	December 27, 2023

Graylog integration issue

Related topics