We have been slowly working through debugging the various error messages seen in our graylog server.log file so we can see when there are real issues.
This particular message is a current concern:
2017-02-19T12:10:51.869-05:00 WARN [ProcessBufferProcessor] Unable to process message <5dc778dc-f6c6-11e6-9b33-0025b5ff0071>: org.graylog.plugins.pipelineprocessor.ast.exceptions.FunctionEvaluationException: java.lang.IllegalArgumentException: This IPv6 address cannot be used in IPv4 context
It occurs around 2500 times each day.
What is the BEST way to troubleshoot error messages related to “unable to process message”? Has anyone written up a basic procedure that one could follow?
In older versions of Graylog I vaguely remember an interface where I could see the message that could not be processed, making it simple to find and fix the problem. If that’s here now I might be missing it.
I like this new discussion forum.