We upgraded to version 2.3.0 today, and can no longer search in ALL messages. If we search in anything less than ALL it appears to work fine. When we search in ALL messages we get this :
Could not execute search
There was an error executing your search. Please check your Graylog server logs for more information.
I must admit to being an idiot, I did not check the Elasticsearch nodes because I assumed this was a web server error. AND of course there’s the error.
Caught exception while handling client http traffic, closing connection [id: 0xc240ea17, /xxx.xxx.xxx.xxx:14692 => /xxx.xxx.xxx.xxx:10102]
org.jboss.netty.handler.codec.frame.TooLongFrameException: An HTTP line is larger than 4096 bytes.
And if I then take a few seconds to google the error I find that I can configure this http.max_initial_line_length to fix my problem.
Testing that now to see if that does indeed fix it, and what I need to set it to.
Sorry to waste your time with inadequate troubleshooting!!
Ok, so I bumped that up to 12kb and the error seems to happen less frequently. I still cannot search ALL messages, getting the same error. This time though, there is nothing in the log files that I can see. I’m sure I’m missing something, I just am not sure what it is.
