I’m following this getting-started guide. Mongo and ElasticSearch lift correctly, but the Graylog server does not access ElasticSearch.
This is the
docker-compose configuration I use for it (I’m on a Mac, that’s why I declare the networks additionally):
version: '2' services: mongo: image: "mongo:3" container_name: graylog-mongo tty: true networks: - graylog_default elasticsearch: image: "elasticsearch:5" container_name: graylog-elastic #command: "elasticsearch -dEs.cluster.name='graylog'" tty: true ports: - "9200:9200" networks: - graylog_default graylog: image: graylog2/server:2.3.0-1 container_name: graylog-server tty: true environment: GRAYLOG_PASSWORD_SECRET: asdf1234asdf1234 GRAYLOG_ROOT_PASSWORD_SHA2: 5edf3ff590e9e85565024392d4938564a411dcd3ae9f6787d1e2a087098381f1 GRAYLOG_WEB_ENDPOINT_URI: http://127.0.0.1:9000/api depends_on: - mongo - elasticsearch ports: - "9000:9000" - "5555:5555" networks: - graylog_default networks: default: external: name: graylog_default
I’ve got 2 questions:
- Can I review messages w/o having the elastic search running (cuz I could not list/view/find any messages, even though I can see statistics that I have a number of unprocessed messages)
- I believe it’s a networking problem between Graylog and ES. Graylog should be trying to access ES on
graylog-elastic:9200host instead of on
localhost:9200. Is there a way to specify that?