The Graylog log system has a search 500 error and has restarted the system.
Demons such as graylog-server are running after the restart. but the Graylog web interface does not work. As a result of examining the log, the contents below are written, so can you tell me what the problem is? please see below.
2022-04-19T18:09:51.282+09:00 WARN [KafkaJournal] Journal utilization (100.0%) has gone over 95%.
2022-04-19T18:09:51.290+09:00 ERROR [Cluster] Couldn’t read cluster health for indices [graylog_*] (Could not connect to http://127.0.0.1:9200)
If your journal is full ( 5GB is default) I would look at elasticsearch. Seams that elasticsearch is not indexing those logs , hence journal is filling up.
Here are a couple options you try.
thanks for your prompt reply and answering my question. As a result of examining the Easticsearch log, the contents below are written, so can you tell me what the problem is?
Both gray log servers and Elasticsearch are active and running. However, the web interface still does not open. I’d appreciate your help.
First, I fixed you post so its easier to read. Hope you don’t mind.
Second, This is good news from that log clip. Looks like its try to fix the issue for you.
2022-04-20T17:38:06,101][INFO ][o.e.c.r.a.AllocationService] [8atbN9f] Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[graylog_92][0], [graylog_92][3@
thanks for your prompt reply and answering my question.
There seems to be a problem with the Elasticsearch connection. It’s not open with 9000, 9200 ports. When viewed on the web, Nodes displays the status as unknown. The logs on the server.
I’d appreciate your help.
00 WARN [ProxiedResource] Unable to call https://xxx.xxx.xxx.xxx:9000/api/system on node java.net.SocketTimeoutException: timeout ERROR [AnyExceptionClassMapper] Unhandled exception in REST resource java.net.SocketTimeoutException: timeout 2022-04-21T19:42:14.330+09:00 ERROR [Cluster] Couldn’t read cluster health for indices [graylog_*] (Could not connect to http://127.0.0.1:9200) 2022-04-21T19:42:14.330+09:00 INFO [IndexerClusterCheckerThread] Indexer not fully initialized yet. Skipping periodic cluster check. 2022-04-21T19:42:14.451+09:00 WARN [V20161130141500_DefaultStreamRecalcIndexRanges] Interrupted or timed out waiting for Elasticsearch cluster, checking again.
Thank you for your attention to this matter. I will check the gray log and check the connection error and configuration in Elasticsearch in detail.
I will update here whatever my observations will be. Thank you so much.