There was no leader Graylog server node detected in the cluster

Graylog Central (peer support)
1

1. Describe your incident:
I have a problem with my Graylog installation
I have an alert that every 3 or 4 seconds shows “There was no leader Graylog server node detected in the cluster (triggered a few seconds ago)”
When the message shows I noticed that I loose the node name in system messages. So instead of ‘myHost.myDomain.local] it just says ‘Unknown node’. As soon as the error goes away, proper node name is shown. Graylog works, collect logs and shows searches&c but it’s slowed by the continous alert message

2. Describe your environment:
I have a single VM , no cluster, where everything is installed :
-CentOS Stream release 8 (Kernel: Linux 4.18.0-553.6.1.el8.x86_64)
-graylog-server.x86_64 6.1.1-1
-opensearch.x86_64 2.17.1-1
-mongodb-org.x86_64 6.0.19-1.el8

  • Service logs, configurations, and environment variables:

cat /etc/graylog/server/server.conf | grep -v ‘^\s*$|^\s*#’
is_leader = true
node_id_file = /etc/graylog/server/node-id
password_secret = xxxxxx
root_username = xxxx
root_password_sha2 = xxxxxxx
root_email = xxxxxx@xxx.xx
root_timezone = Europe/Rome
bin_dir = /usr/share/graylog-server/bin
data_dir = /var/lib/graylog-server
plugin_dir = /usr/share/graylog-server/plugin
http_bind_address = graylog.consiglio.intranet.it:9000
http_publish_uri = http://graylog.consiglio.intranet.it:9000
stream_aware_field_types=false
rotation_strategy = count
elasticsearch_max_docs_per_index = 20000000
elasticsearch_max_number_of_indices = 20
retention_strategy = delete
elasticsearch_shards = 4
elasticsearch_replicas = 0
elasticsearch_index_prefix = graylog
allow_leading_wildcard_searches = false
allow_highlighting = false
elasticsearch_analyzer = standard
output_batch_size = 500
output_flush_interval = 1
output_fault_count_threshold = 5
output_fault_penalty_seconds = 30
processbuffer_processors = 5
outputbuffer_processors = 3
processor_wait_strategy = blocking
ring_size = 65536
inputbuffer_ring_size = 65536
inputbuffer_processors = 2
inputbuffer_wait_strategy = blocking
message_journal_enabled = true
message_journal_dir = /var/lib/graylog-server/journal
lb_recognition_period_seconds = 3
mongodb_uri = mongodb://localhost/graylog
mongodb_max_connections = 1000

3. What steps have you already taken to try and solve the problem?
I restarted, updated, checked DNS (but I don’t know if I checked everything)

4. How can the community help?
Can you please help me resolving this issue ?

2

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.