除了使用最新版本的组件之外,我尝试遵循Digital Ocean手册 。 我的elasticsearch.yml :
cluster.name: graylog2 network.bind_host: localhost network.publish_host: localhost script.disable_dynamic: true
Elasticsearch说这没关系。 然后我尝试了三个版本的graylog2.conf :
is_master = true node_id_file = /etc/graylog2-server-node-id password_secret = YRdFrLaoQQfRuSccOhU7Vy8vfoWlobVK5ZXf9G6joag4KyPQMLiITfO6EMysO2VrAwunhqE2e7gAVhuN4izPK0jakrtQqnRg root_password_sha2 = 5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8 plugin_dir = plugin rest_listen_uri = http://127.0.0.1:12900/ rest_transport_uri = http://127.0.0.1:12900/ elasticsearch_max_docs_per_index = 20000000 elasticsearch_max_number_of_indices = 20 retention_strategy = delete elasticsearch_shards = 1 elasticsearch_replicas = 0 elasticsearch_index_prefix = graylog2 allow_leading_wildcard_searches = false allow_highlighting = false elasticsearch_analyzer = standard output_batch_size = 25 output_flush_interval = 1 processbuffer_processors = 5 outputbuffer_processors = 3 processor_wait_strategy = blocking ring_size = 1024 dead_letters_enabled = false lb_recognition_period_seconds = 3 mongodb_useauth = false mongodb_host = 127.0.0.1 mongodb_database = graylog2 mongodb_port = 27017 mongodb_max_connections = 100 mongodb_threads_allowed_to_block_multiplier = 5 transport_email_enabled = false transport_email_hostname = mail.example.com transport_email_port = 587 transport_email_use_auth = true transport_email_use_tls = true transport_email_use_ssl = true transport_email_auth_username = [email protected] transport_email_auth_password = secret transport_email_subject_prefix = [graylog2] transport_email_from_email = [email protected]
在第二个版本中,我添加了行elasticsearch_discovery_zen_ping_unicast_hosts = 127.0.0.1:9200和第三个与9300端口相同的行。
有了这些configuration我有3个日志sudo java -jar /opt/graylog2-server/graylog2-server.jar --debug : 第一 , 第二和第三 。 他们都失败了。
它是一些版本不兼容的组件? 或者有没有办法在我的环境中解决这个问题?
您必须使用Elasticsearch版本0.90.10和Graylog2 0.20。 它使用的是二进制协议,不幸的是,这些协议通常不兼容。
这一行:
org.elasticsearch.transport.RemoteTransportException: Failed to deserialize exception response from stream
是什么给了问题,协议是不同的,所以Elasticsearch客户端无法连接到服务器。 如果你使用0.90.10,它将起作用。