I have set up Graylog with multiple Elasticsearch nodes (2 in my case) and multiple Graylog nodes with a MongoDB replica set (3 nodes, each running both MongoDB and Graylog). I was able to set up the GUI, but I cannot see any logs. All the logs are reaching the graylog-server, but I do not see any of them in the Graylog web GUI. How do I check whether Elasticsearch is getting all the logs and indexing is happening?
I guess you have created the Input in Graylog to receive your logs. You have no errors in Graylog connecting to Elasticsearch. Do you see the message flow in and out in the top right?
If you check System > Indices, do you see any documents in the indices? If you hit System > Indices > INDEXNAME > Maintenance > Recalculate index range, can you see the messages?
I tried recalculating indexes but it did not help.
Have you created inputs?
Do you see incoming logs under System > Nodes > one of your nodes?
Do you see messages in the journal (System > Nodes)?
Do you see any error message under System > Overview?
Are you sure you get your logs with the current timestamp? (If you get them, e.g., from 2016 and you check the last 5 mins…)
Thanks Mac… I got this fixed by re-configuring it.
Please share what the problem was. Maybe it could help someone else.
I had the wrong configuration for Elasticsearch, which messed it up. I did the re-configuration and it fixed it.