Hello,
I installed graylog V3 few days ago and I’m stuck with some errors (see above) I get when I load different pages of the web interface:
Could not retrieve index sets. Fetching index sets list failed: Unable to read information for indices [graylog_*]
Could not retrieve global index stats. Fetching global index stats failled: cannot GET http://<@IP>:9000/api/system/Indices/Index_sets/stats (500)
Could not load field information.Loading field information failed with status: cannot GET http://<@IP>:9000/api/system/fields (500)
Moreover, on one hand I configured a client to make it sending rsyslog events to the graylog server on port 27210 and on the other hand I configured an input in graylog server web interface.
I can see on the graylog server a listening task on port 27210. When I generate rsyslog events on the client, nothing is detected by graylog.
To be sure that the events were sent properly by the client, I configured the rsyslog server on graylog server to make it listening on port 27210 and it received the events from my client without any pb.
Does somebody could help me. I’m getting mad with it.
Many thanks.
François
Yes I understood that elasticsearch was not working at all (the service was starting and then stopped after ~ 30s) and I fixed the problem. I don’t get anymore the error messages. One good thing done!
The next one is about the log: netstat shows that my server listen on UDP6:27210 and not UDP:27210. It is probably why graylog doesn’t receive the rsyslog logs.
The other question is about the input parameters: to listen to rsyslog log, may I choose CEF UDP Input or Syslog UDP?
All the best,
François
