Graylog2 v0.92 正式发布,此版本包括大量新特性,bug 修复和改进。 内容封装 内容封装绑定了 Graylog2 输入,提取器,流,仪表板和输出配置,可以提供完整的数据源支持。一些内容封装是默认的,可以在这个网站下载,也可以使用 Graylog2 Web 页面导入。 content pack for nginx |
1 2 3 4 5 6 7 | #elasticsearch_max_docs_per_index = 20000000#elasticsearch_max_size_per_index = 1073741824# Permitted suffixes are: d for day, h for hour, m for minute, s for second.elasticsearch_max_time_per_index = 1delasticsearch_max_number_of_indices = 20 |
Graylog2 REST API 现在开箱支持 SSL/TLS,提升了系统的安全性。之前的 HTTPS 代理需要部署在 REST API 之前:
rest_enable_tls (default: false): Option to activate SSL/TLS for the Graylog2 REST API
rest_tls_cert_file (default: empty): Path to the certificate file. If SSL/TLS is activated but this setting is empty, a temporary self-signed certificate will automatically be created.
rest_tls_key_file (default: empty): Path to the private key file. If SSL/TLS is activated but this setting is empty, a temporary private key will automatically be created.
rest_tls_key_password (default: empty): Optional passphrase to decrypt the private key.
[SERVER] IMPORTANT SECURITY FIX: It was possible to perform LDAP logins with crafted wildcards. (A big thank you to Jose Tozo who discovered this issue and disclosed it very responsibly.)
[SERVER] Generate a system notification if garbage collection takes longer than a configurable threshold.
[SERVER] Added several JVM-related metrics.
[SERVER] Added support for Elasticsearch 1.4.x which brings a lot of stability and resilience features to Elasticsearch clusters.
[SERVER] Made version check of Elasticsearch version optional. Disabling this check is not recommended.
[SERVER] Added an option to disable optimizing Elasticsearch indices on index cycling.
[SERVER] Added an option to disable time-range calculation for indices on index cycling.
[SERVER] Lots of other performance enhancements for large setups (i.e. involving several Radio nodes and multiple Graylog2 Servers).
[SERVER] Support for Syslog Octet Counting, as used by syslog-ng for syslog via TCP (#743)
[SERVER] Improved support for structured syslog messages (#744)
[SERVER] Bug fixes regarding IPv6 literals in mongodb_replica_set andelasticsearch_discovery_zen_ping_unicast_hosts
[WEB] Added additional details to system notification about Elasticsearch max. open file descriptors.
[WEB] Fixed several bugs and inconsistencies regarding time zones.
[WEB] Improved graphs and diagrams
[WEB] Allow to update dashboards when browser window is not on focus (#738)
[WEB] Bug fixes regarding timezone handling
…and of course numerous internal bug fixes
http://www.graylog2.org/download
Elasticsearch 升级指南:
http://www.elasticsearch.org/guide/en/elasticsearch/reference/1.x/setup-upgrade.html#restart-upgrade
更多内容请看发行说明。
Graylog2 是一个用来将系统日志syslog保存到MongoDB中的工具。 包括一个用Java编写的服务器,可接收来自TCP和UDP的syslog信息,Web接口使用Ruby编写,基于 Rails 框架,可用来查看日志信息。
通过 TCP/UDP 接收syslog信息
基于 MongoDB 的快速后端存储
GELF (Graylog Extended Log Format)
黑名单
过滤器
统计
