Hi,
I am trying from two days to setup graylog properly. Messages are coming to graylog but unable to see them on search
Inputs configured:
Input 1:
bind_address: 0.0.0.0
decompress_size_limit: 8388608
number_worker_threads: 2
override_source:
port: 12201
recv_buffer_size: 262144555
Input 2:
bind_address: 0.0.0.0
decompress_size_limit: 83886088855
enable_cors: true
idle_writer_timeout: 60
max_chunk_size: 65536
number_worker_threads: 2
override_source:
port: 12201
recv_buffer_size: 104857655
tcp_keepalive: false
tls_cert_file:
tls_client_auth: disabled
tls_client_auth_cert_file:
tls_enable: false
tls_key_file: admin
tls_key_password: ********
I can’t find any issue on timezone as they are in UTC
I don’t know what to do now and how to make it work
If i run elastic search query directly in server
curl -XPOST ‘localhost:9200/_search?pretty’ -d ‘{
“from”: 0,
“size”: 150,
“query”: {
“bool”: {
“must”: [
{
“match_all”: {
“boost”: 1
}
}
],
“filter”: [
{
“bool”: {
“must”: [
{
“range”: {
“timestamp”: {
“from”: “2019-04-15 08:45:16.287”,
“to”: “2019-04-15 08:50:16.287”,
“include_lower”: true,
“include_upper”: true,
“boost”: 1
}
}
}
],
“disable_coord”: false,
“adjust_pure_negative”: true,
“boost”: 1
}
}
],
“disable_coord”: false,
“adjust_pure_negative”: true,
“boost”: 1
}
},
“sort”: [
{
“timestamp”: {
“order”: “desc”
}
}
]
}’ -H ‘Content-Type: application/json’
~
I can see results
Solved Just rotated index from dashboard and it shows logs now !!