Logs not showing

Graylog Central (peer support)
1

Hello guys, i copied the configuration of a present graylog to a new graylog(latest version). I discovered that after dividing them into streams, some streams open immediately and show logs while the others stay for hours without displaying logs. And i have an average of 200-250 logs per second. Attached to this message is the screenshot of the logs not displaying despite the high log influx.

image
image.png1787×697 25.1 KB

Please what is wrong with it and what can be done to fix that because i need to start analyzing the logs i get.

2

What’s in the logs of your Graylog and Elasticsearch nodes?
http://docs.graylog.org/en/2.4/pages/configuration/file_location.html

3

am sorry i dont get the question. But if you meant what logs am i forwarding to graylog…logs from the devices i would like to monitor.(windows,AV,FW and proxy)

4

You should check the logs of your Graylog node and your Elasticsearch node for warnings and errors.

5

where do i check that please? what path or where exactly?
Please note that i get logs from particular streams(AV) but it does not load for the others.

Thanks

6

Check the link I’ve posted in my first reply.

7

Thanks @jochen. i have fixed it now.

8

Great! What was the problem?

9

It was very easy. you know i mentioned that i transferred the configuration from the former graylog server to a new one. It was referencing fields that have been deleted.

All i did was that:

  1. I deleted the streams that came with the config
  2. I created new streams using the same rules.
  3. I started the stream and it was pretty cool.

I was able to view the desired logs in no time.

10

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.