API tools faq
paste
Advertisement
Guest User

Graylog 4 log

a guest
Nov 20th, 2020
196
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 85.34 KB | None | 0 0
raw download clone embed print report
  1. 2020-11-20T16:27:05.258-03:00 INFO [CmdLineTool] Loaded plugin: TelegramNotification 2.3.1 [de.irgendwr.TelegramNotificationPlugin]
  2. 2020-11-20T16:27:05.261-03:00 INFO [CmdLineTool] Loaded plugin: AWS plugins 4.0.0 [org.graylog.aws.AWSPlugin]
  3. 2020-11-20T16:27:05.262-03:00 INFO [CmdLineTool] Loaded plugin: Collector 4.0.0 [org.graylog.plugins.collector.CollectorPlugin]
  4. 2020-11-20T16:27:05.263-03:00 INFO [CmdLineTool] Loaded plugin: Threat Intelligence Plugin 4.0.0 [org.graylog.plugins.threatintel.ThreatIntelPlugin]
  5. 2020-11-20T16:27:05.263-03:00 INFO [CmdLineTool] Loaded plugin: SnmpPlugin 0.3.0 [org.graylog.snmp.SnmpPlugin]
  6. 2020-11-20T16:27:05.263-03:00 INFO [CmdLineTool] Loaded plugin: Elasticsearch 6 Support 4.0.0+9376305 [org.graylog.storage.elasticsearch6.Elasticsearch6Plugin]
  7. 2020-11-20T16:27:05.263-03:00 INFO [CmdLineTool] Loaded plugin: Elasticsearch 7 Support 4.0.0+9376305 [org.graylog.storage.elasticsearch7.Elasticsearch7Plugin]
  8. 2020-11-20T16:27:05.453-03:00 INFO [CmdLineTool] Running with JVM arguments: -Xms4g -Xmx4g -XX:NewRatio=1 -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow -XX:+UseParNewGC -Dlog4j.configurationFile=file:///etc/graylog/server/log4j2.xml -Djava.library.path=/usr/share/graylog-server/lib/sigar -Dgraylog2.installation_source=deb
  9. 2020-11-20T16:27:05.644-03:00 INFO [Version] HV000001: Hibernate Validator null
  10. 2020-11-20T16:27:08.230-03:00 INFO [InputBufferImpl] Message journal is enabled.
  11. 2020-11-20T16:27:08.248-03:00 INFO [NodeId] Node ID: ddbb0e96-67f6-4d67-b8f7-0d2e074b608b
  12. 2020-11-20T16:27:08.417-03:00 INFO [LogManager] Loading logs.
  13. 2020-11-20T16:27:08.475-03:00 INFO [LogManager] Logs loading complete.
  14. 2020-11-20T16:27:08.479-03:00 INFO [KafkaJournal] Initialized Kafka based journal at /var/lib/graylog-server/journal
  15. 2020-11-20T16:27:08.521-03:00 INFO [cluster] Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000}
  16. 2020-11-20T16:27:08.574-03:00 INFO [cluster] Cluster description not yet available. Waiting for 30000 ms before timing out
  17. 2020-11-20T16:27:08.601-03:00 INFO [connection] Opened connection [connectionId{localValue:1, serverValue:36}] to localhost:27017
  18. 2020-11-20T16:27:08.603-03:00 INFO [cluster] Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[2, 6, 10]}, minWireVersion=0, maxWireVersion=2, maxDocumentSize=16777216, logicalSessionTimeoutMinutes=null, roundTripTimeNanos=1123342}
  19. 2020-11-20T16:27:08.616-03:00 INFO [connection] Opened connection [connectionId{localValue:2, serverValue:37}] to localhost:27017
  20. 2020-11-20T16:27:08.841-03:00 INFO [InputBufferImpl] Initialized InputBufferImpl with ring size <65536> and wait strategy <BlockingWaitStrategy>, running 4 parallel message handlers.
  21. 2020-11-20T16:27:09.096-03:00 INFO [ElasticsearchVersionProvider] Elasticsearch cluster is running v6.8.8
  22. 2020-11-20T16:27:09.135-03:00 INFO [AbstractJestClient] Setting server pool to a list of 1 servers: [http://172.16.2.240:9200]
  23. 2020-11-20T16:27:09.136-03:00 INFO [JestClientFactory] Using multi thread/connection supporting pooling connection manager
  24. 2020-11-20T16:27:09.200-03:00 INFO [JestClientFactory] Using custom ObjectMapper instance
  25. 2020-11-20T16:27:09.200-03:00 INFO [JestClientFactory] Node Discovery enabled...
  26. 2020-11-20T16:27:09.228-03:00 INFO [JestClientFactory] Idle connection reaping disabled...
  27. 2020-11-20T16:27:09.658-03:00 INFO [ProcessBuffer] Initialized ProcessBuffer with ring size <131072> and wait strategy <BlockingWaitStrategy>.
  28. 2020-11-20T16:27:09.932-03:00 INFO [OutputBuffer] Initialized OutputBuffer with ring size <131072> and wait strategy <BlockingWaitStrategy>.
  29. 2020-11-20T16:27:09.960-03:00 INFO [connection] Opened connection [connectionId{localValue:3, serverValue:38}] to localhost:27017
  30. 2020-11-20T16:27:10.669-03:00 INFO [ServerBootstrap] Graylog server 4.0.0+9376305 starting up
  31. 2020-11-20T16:27:10.670-03:00 INFO [ServerBootstrap] JRE: Private Build 1.8.0_275 on Linux 4.4.0-194-generic
  32. 2020-11-20T16:27:10.670-03:00 INFO [ServerBootstrap] Deployment: deb
  33. 2020-11-20T16:27:10.670-03:00 INFO [ServerBootstrap] OS: Ubuntu 16.04.7 LTS (xenial)
  34. 2020-11-20T16:27:10.670-03:00 INFO [ServerBootstrap] Arch: amd64
  35. 2020-11-20T16:27:10.709-03:00 INFO [PeriodicalsService] Starting 30 periodicals ...
  36. 2020-11-20T16:27:10.709-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThroughputCalculator] periodical in [0s], polling every [1s].
  37. 2020-11-20T16:27:10.804-03:00 INFO [Periodicals] Starting [org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration] periodical, running forever.
  38. 2020-11-20T16:27:10.813-03:00 INFO [connection] Opened connection [connectionId{localValue:4, serverValue:39}] to localhost:27017
  39. 2020-11-20T16:27:10.819-03:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.AlertScannerThread] periodical. Not configured to run on this node.
  40. 2020-11-20T16:27:10.820-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] periodical in [0s], polling every [1s].
  41. 2020-11-20T16:27:10.846-03:00 INFO [LegacyDefaultStreamMigration] Legacy default stream has no connections, no migration needed.
  42. 2020-11-20T16:27:10.847-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterHealthCheckThread] periodical in [120s], polling every [20s].
  43. 2020-11-20T16:27:10.847-03:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.ContentPackLoaderPeriodical] periodical. Not configured to run on this node.
  44. 2020-11-20T16:27:10.848-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.GarbageCollectionWarningThread] periodical, running forever.
  45. 2020-11-20T16:27:10.848-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexerClusterCheckerThread] periodical in [0s], polling every [30s].
  46. 2020-11-20T16:27:10.848-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRetentionThread] periodical in [0s], polling every [300s].
  47. 2020-11-20T16:27:10.855-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRotationThread] periodical in [0s], polling every [10s].
  48. 2020-11-20T16:27:10.856-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.NodePingThread] periodical in [0s], polling every [1s].
  49. 2020-11-20T16:27:10.862-03:00 INFO [connection] Opened connection [connectionId{localValue:5, serverValue:40}] to localhost:27017
  50. 2020-11-20T16:27:10.872-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.VersionCheckThread] periodical in [300s], polling every [1800s].
  51. 2020-11-20T16:27:10.887-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThrottleStateUpdaterThread] periodical in [1s], polling every [1s].
  52. 2020-11-20T16:27:10.900-03:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventPeriodical] periodical in [0s], polling every [1s].
  53. 2020-11-20T16:27:10.901-03:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventCleanupPeriodical] periodical in [0s], polling every [86400s].
  54. 2020-11-20T16:27:10.901-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterIdGeneratorPeriodical] periodical, running forever.
  55. 2020-11-20T16:27:10.901-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesMigrationPeriodical] periodical, running forever.
  56. 2020-11-20T16:27:10.906-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesCleanupPeriodical] periodical in [15s], polling every [3600s].
  57. 2020-11-20T16:27:10.908-03:00 INFO [connection] Opened connection [connectionId{localValue:6, serverValue:41}] to localhost:27017
  58. 2020-11-20T16:27:10.919-03:00 INFO [connection] Opened connection [connectionId{localValue:7, serverValue:42}] to localhost:27017
  59. 2020-11-20T16:27:10.942-03:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.UserPermissionMigrationPeriodical] periodical. Not configured to run on this node.
  60. 2020-11-20T16:27:10.943-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ConfigurationManagementPeriodical] periodical, running forever.
  61. 2020-11-20T16:27:10.943-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexFailuresPeriodical] periodical, running forever.
  62. 2020-11-20T16:27:10.943-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68/@64135161>
  63. org.graylog.plugins.threatintel.tools.AdapterDisabledException: Abuse.ch service is disabled, not starting adapter. To enable it please go to System / Configurations.
  64. at org.graylog.plugins.threatintel.adapters.abusech.AbuseChRansomAdapter.doStart(AbuseChRansomAdapter.java:96) ~[?:?]
  65. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  66. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  67. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  68. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  69. 2020-11-20T16:27:10.966-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2c916636] STARTING
  70. 2020-11-20T16:27:10.967-03:00 INFO [LookupTableService] Data Adapter aria_json/5ee8de9d326862721e882bd2 [@2f96f1d1] STARTING
  71. 2020-11-20T16:27:10.967-03:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7f79be22] STARTING
  72. 2020-11-20T16:27:10.967-03:00 INFO [LookupTableService] Data Adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@7c24d038] STARTING
  73. 2020-11-20T16:27:10.967-03:00 INFO [LookupTableService] Data Adapter otx-ip/5a0ddf9baf963c0edc44fc6c [@766ecdd3] STARTING
  74. 2020-11-20T16:27:10.975-03:00 INFO [LookupTableService] Data Adapter whois/5a0ddf9baf963c0edc44fc6a [@474e3c9d] STARTING
  75. 2020-11-20T16:27:10.978-03:00 INFO [LookupTableService] Data Adapter queue-name-adapter/5c8114153bbc820783336b95 [@2f16a1b5] STARTING
  76. 2020-11-20T16:27:10.982-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d/@2c916636>
  77. org.graylog.plugins.threatintel.tools.AdapterDisabledException: Abuse.ch service is disabled, not starting adapter. To enable it please go to System / Configurations.
  78. at org.graylog.plugins.threatintel.adapters.abusech.AbuseChRansomAdapter.doStart(AbuseChRansomAdapter.java:96) ~[?:?]
  79. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  80. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  81. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  82. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  83. 2020-11-20T16:27:10.982-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <spamhaus-drop/5a0ddf9baf963c0edc44fc67/@7f79be22>
  84. org.graylog.plugins.threatintel.tools.AdapterDisabledException: Spamhaus service is disabled, not starting (E)DROP adapter. To enable it please go to System / Configurations.
  85. at org.graylog.plugins.threatintel.adapters.spamhaus.SpamhausEDROPDataAdapter.doStart(SpamhausEDROPDataAdapter.java:85) ~[?:?]
  86. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  87. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  88. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  89. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  90. 2020-11-20T16:27:10.983-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@64135161] STARTING
  91. 2020-11-20T16:27:10.983-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <tor-exit-node/5a0ddf9baf963c0edc44fc6b/@7c24d038>
  92. org.graylog.plugins.threatintel.tools.AdapterDisabledException: TOR service is disabled, not starting TOR exit addresses adapter. To enable it please go to System / Configurations.
  93. at org.graylog.plugins.threatintel.adapters.tor.TorExitNodeDataAdapter.doStart(TorExitNodeDataAdapter.java:89) ~[?:?]
  94. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  95. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  96. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  97. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  98. 2020-11-20T16:27:10.984-03:00 INFO [LookupTableService] Data Adapter queue-name-adapter/5c8114153bbc820783336b95 [@2f16a1b5] RUNNING
  99. 2020-11-20T16:27:10.990-03:00 INFO [LookupTableService] Data Adapter whois/5a0ddf9baf963c0edc44fc6a [@474e3c9d] RUNNING
  100. 2020-11-20T16:27:10.991-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.TrafficCounterCalculator] periodical in [0s], polling every [1s].
  101. 2020-11-20T16:27:10.991-03:00 INFO [Periodicals] Starting [org.graylog2.indexer.fieldtypes.IndexFieldTypePollerPeriodical] periodical in [0s], polling every [3600s].
  102. 2020-11-20T16:27:10.991-03:00 INFO [Periodicals] Starting [org.graylog.scheduler.periodicals.ScheduleTriggerCleanUp] periodical in [120s], polling every [86400s].
  103. 2020-11-20T16:27:10.991-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ESVersionCheckPeriodical] periodical in [0s], polling every [30s].
  104. 2020-11-20T16:27:10.991-03:00 INFO [Periodicals] Starting [org.graylog.plugins.sidecar.periodical.PurgeExpiredSidecarsThread] periodical in [0s], polling every [600s].
  105. 2020-11-20T16:27:10.992-03:00 INFO [Periodicals] Starting [org.graylog.plugins.sidecar.periodical.PurgeExpiredConfigurationUploads] periodical in [0s], polling every [600s].
  106. 2020-11-20T16:27:10.992-03:00 INFO [Periodicals] Starting [org.graylog.plugins.views.search.db.SearchesCleanUpJob] periodical in [3600s], polling every [28800s].
  107. 2020-11-20T16:27:10.997-03:00 INFO [Periodicals] Starting [org.graylog.events.periodicals.EventNotificationStatusCleanUp] periodical in [120s], polling every [86400s].
  108. 2020-11-20T16:27:10.983-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@64135161] RUNNING
  109. 2020-11-20T16:27:10.983-03:00 INFO [LookupTableService] Data Adapter asn-adapter/5c6aac273bbc820e9060a043 [@1c7ba9cd] STARTING
  110. 2020-11-20T16:27:10.998-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2c916636] RUNNING
  111. 2020-11-20T16:27:10.998-03:00 INFO [LookupTableService] Data Adapter asn-adapter/5c6aac273bbc820e9060a043 [@1c7ba9cd] RUNNING
  112. 2020-11-20T16:27:11.002-03:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7f79be22] RUNNING
  113. 2020-11-20T16:27:11.002-03:00 INFO [LookupTableService] Data Adapter otx-ip/5a0ddf9baf963c0edc44fc6c [@766ecdd3] RUNNING
  114. 2020-11-20T16:27:11.003-03:00 INFO [LookupTableService] Data Adapter aria_json/5ee8de9d326862721e882bd2 [@2f96f1d1] RUNNING
  115. 2020-11-20T16:27:10.998-03:00 INFO [LookupTableService] Data Adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@7c24d038] RUNNING
  116. 2020-11-20T16:27:11.004-03:00 INFO [Periodicals] Starting [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] periodical in [0s], polling every [3600s].
  117. 2020-11-20T16:27:11.078-03:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@1866aad7] STARTING
  118. 2020-11-20T16:27:11.079-03:00 INFO [LookupTableService] Cache whois-cache/5a0ddf9baf963c0edc44fc62 [@110f4c6d] STARTING
  119. 2020-11-20T16:27:11.079-03:00 INFO [LookupTableService] Cache asn-cache-2/5d0255153bbc82032d37f487 [@7a86a672] STARTING
  120. 2020-11-20T16:27:11.079-03:00 INFO [LookupTableService] Cache queues2/5ee8fa9a326862721e884a34 [@49ed17c4] STARTING
  121. 2020-11-20T16:27:11.090-03:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@316385ae] STARTING
  122. 2020-11-20T16:27:11.095-03:00 INFO [LookupTableService] Cache whois-cache/5a0ddf9baf963c0edc44fc62 [@110f4c6d] RUNNING
  123. 2020-11-20T16:27:11.095-03:00 INFO [LookupTableService] Cache queues2/5ee8fa9a326862721e884a34 [@49ed17c4] RUNNING
  124. 2020-11-20T16:27:11.099-03:00 INFO [LookupTableService] Cache asn-cache-2/5d0255153bbc82032d37f487 [@7a86a672] RUNNING
  125. 2020-11-20T16:27:11.099-03:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@1866aad7] RUNNING
  126. 2020-11-20T16:27:11.100-03:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@316385ae] RUNNING
  127. 2020-11-20T16:27:11.113-03:00 INFO [LookupTableService] Starting lookup table spamhaus-drop/5a0ddf9baf963c0edc44fc6f [@4cae4a84] using cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@316385ae], data adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7f79be22]
  128. 2020-11-20T16:27:11.113-03:00 INFO [LookupTableService] Starting lookup table whois/5a0ddf9baf963c0edc44fc70 [@5c2d4886] using cache whois-cache/5a0ddf9baf963c0edc44fc62 [@110f4c6d], data adapter whois/5a0ddf9baf963c0edc44fc6a [@474e3c9d]
  129. 2020-11-20T16:27:11.113-03:00 INFO [LookupTableService] Starting lookup table tor-exit-node-list/5a0ddf9baf963c0edc44fc71 [@28f55f1d] using cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@1866aad7], data adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@7c24d038]
  130. 2020-11-20T16:27:11.113-03:00 INFO [LookupTableService] Starting lookup table abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc73 [@593961ff] using cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@1866aad7], data adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2c916636]
  131. 2020-11-20T16:27:11.113-03:00 INFO [LookupTableService] Starting lookup table abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc74 [@677dea36] using cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@1866aad7], data adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@64135161]
  132. 2020-11-20T16:27:11.114-03:00 INFO [LookupTableService] Starting lookup table asn-lkt/5c6aac733bbc820e9060a098 [@51a2f727] using cache asn-cache-2/5d0255153bbc82032d37f487 [@7a86a672], data adapter asn-adapter/5c6aac273bbc820e9060a043 [@1c7ba9cd]
  133. 2020-11-20T16:27:11.114-03:00 INFO [LookupTableService] Starting lookup table q-lkp/5c81178c3bbc820783337630 [@532d57b9] using cache queues2/5ee8fa9a326862721e884a34 [@49ed17c4], data adapter aria_json/5ee8de9d326862721e882bd2 [@2f96f1d1]
  134. 2020-11-20T16:27:11.519-03:00 ERROR [ConfigurationManagementPeriodical] Error while running migration <V20190705071400_AddEventIndexSetsMigration{2019-07-05T07:14:00Z}>
  135. java.lang.IllegalStateException: Index prefix conflict: a non-events index-set with prefix <gl-events> already exists. Configure a different <default_events_index_prefix> value in the server config file.
  136. at org.graylog2.migrations.V20190705071400_AddEventIndexSetsMigration.checkIndexPrefixConflicts(V20190705071400_AddEventIndexSetsMigration.java:130) ~[graylog.jar:?]
  137. at org.graylog2.migrations.V20190705071400_AddEventIndexSetsMigration.ensureEventsStreamAndIndexSet(V20190705071400_AddEventIndexSetsMigration.java:111) ~[graylog.jar:?]
  138. at org.graylog2.migrations.V20190705071400_AddEventIndexSetsMigration.upgrade(V20190705071400_AddEventIndexSetsMigration.java:84) ~[graylog.jar:?]
  139. at org.graylog2.periodical.ConfigurationManagementPeriodical.doRun(ConfigurationManagementPeriodical.java:42) [graylog.jar:?]
  140. at org.graylog2.plugin.periodical.Periodical.run(Periodical.java:77) [graylog.jar:?]
  141. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  142. 2020-11-20T16:27:11.691-03:00 ERROR [ConfigurationManagementPeriodical] Error while running migration <V20200409083200_RemoveRootQueriesFromMigratedDashboards{2020-04-09T08:32:00Z}>
  143. com.mongodb.MongoWriteException: cannot use the part (queries of queries.$[elem].query.query_string) to traverse the element ({queries: [ { id: "00000170-0c48-aa03-8788-00505694f28c", timerange: { type: "relative", range: 300 }, query: { type: "elasticsearch", query_string: "" }, search_types: [ { id: "00000170-0c48-a9ff-8788-00505694f28c", timerange: { type: "keyword", keyword: "last 6 hours" }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_cause", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_cause", limit: 5, type: "values" } ], column_groups: [] }, { id: "00000170-0c48-aa01-8788-00505694f28c", timerange: { type: "relative", range: 21600 }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_nodo", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_nodo", limit: 5, type: "values" } ], column_groups: [] }, { id: "00000170-0c48-aa00-8788-00505694f28c", timerange: { type: "keyword", keyword: "last 6 hours" }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_cause", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_cause", limit: 50, type: "values" } ], column_groups: [] }, { id: "00000170-0c48-aa02-8788-00505694f28c", timerange: { type: "relative", range: 21600 }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_nodo", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_nodo", limit: 50, type: "values" } ], column_groups: [] } ] } ]})
  144. at com.mongodb.client.internal.MongoCollectionImpl.executeSingleWriteRequest(MongoCollectionImpl.java:1060) ~[graylog.jar:?]
  145. at com.mongodb.client.internal.MongoCollectionImpl.executeUpdate(MongoCollectionImpl.java:1037) ~[graylog.jar:?]
  146. at com.mongodb.client.internal.MongoCollectionImpl.updateMany(MongoCollectionImpl.java:668) ~[graylog.jar:?]
  147. at org.graylog.plugins.views.migrations.V20200409083200_RemoveRootQueriesFromMigratedDashboards.upgrade(V20200409083200_RemoveRootQueriesFromMigratedDashboards.java:96) ~[graylog.jar:?]
  148. at org.graylog2.periodical.ConfigurationManagementPeriodical.doRun(ConfigurationManagementPeriodical.java:42) [graylog.jar:?]
  149. at org.graylog2.plugin.periodical.Periodical.run(Periodical.java:77) [graylog.jar:?]
  150. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  151. 2020-11-20T16:27:30.141-03:00 INFO [NetworkListener] Started listener bound to [172.16.2.131:9000]
  152. 2020-11-20T16:27:30.143-03:00 INFO [HttpServer] [HttpServer] Started.
  153. 2020-11-20T16:27:30.143-03:00 INFO [JerseyService] Started REST API at <172.16.2.131:9000>
  154. 2020-11-20T16:27:30.144-03:00 INFO [ServerBootstrap] Services started, startup times in ms: {InputSetupService [RUNNING]=29, EtagService [RUNNING]=116, OutputSetupService [RUNNING]=117, UrlWhitelistService [RUNNING]=118, JobSchedulerService [RUNNING]=126, BufferSynchronizerService [RUNNING]=126, JournalReader [RUNNING]=127, GracefulShutdownService [RUNNING]=128, ConfigurationEtagService [RUNNING]=132, KafkaJournal [RUNNING]=133, MongoDBProcessingStatusRecorderService [RUNNING]=205, StreamCacheService [RUNNING]=222, PeriodicalsService [RUNNING]=316, LookupTableService [RUNNING]=409, JerseyService [RUNNING]=19448}
  155. 2020-11-20T16:27:30.146-03:00 INFO [ServiceManagerListener] Services are healthy
  156. 2020-11-20T16:27:30.147-03:00 INFO [InputSetupService] Triggering launching persisted inputs, node transitioned from Uninitialized [LB:DEAD] to Running [LB:ALIVE]
  157. 2020-11-20T16:27:30.147-03:00 INFO [ServerBootstrap] Graylog server up and running.
  158. 2020-11-20T16:27:30.186-03:00 INFO [InputStateListener] Input [Syslog UDP/59b1a628af963c249eaced4b] is now STARTING
  159. 2020-11-20T16:27:30.200-03:00 INFO [InputStateListener] Input [Syslog UDP/59c90186af963c0396e166e4] is now STARTING
  160. 2020-11-20T16:27:30.200-03:00 INFO [InputStateListener] Input [Syslog UDP/5de115193bbc825575f5cd6e] is now STARTING
  161. 2020-11-20T16:27:30.201-03:00 INFO [InputStateListener] Input [Syslog UDP/5ba13aae3bbc820310494f89] is now STARTING
  162. 2020-11-20T16:27:30.203-03:00 INFO [InputStateListener] Input [Syslog UDP/5bc0dc763bbc8203106b9925] is now STARTING
  163. 2020-11-20T16:27:30.204-03:00 INFO [InputStateListener] Input [Syslog UDP/5ec690e43bbc8233761d539c] is now STARTING
  164. 2020-11-20T16:27:30.205-03:00 INFO [InputStateListener] Input [Syslog UDP/5eb337343bbc821e37698f1e] is now STARTING
  165. 2020-11-20T16:27:30.210-03:00 INFO [InputStateListener] Input [Syslog UDP/5a09dc89af963c03b73c3647] is now STARTING
  166. 2020-11-20T16:27:30.228-03:00 INFO [InputStateListener] Input [Raw/Plaintext UDP/59db6a6caf963c03af1db25e] is now STARTING
  167. 2020-11-20T16:27:30.334-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x6503879c, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  168. 2020-11-20T16:27:30.334-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x9411a1f6, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  169. 2020-11-20T16:27:30.334-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xf88409ad, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  170. 2020-11-20T16:27:30.335-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0x76f12094, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  171. 2020-11-20T16:27:30.335-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x610aed54, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  172. 2020-11-20T16:27:30.335-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xee89cad2, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  173. 2020-11-20T16:27:30.335-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xe9d63fc8, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  174. 2020-11-20T16:27:30.335-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x9046a9bb, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  175. 2020-11-20T16:27:30.335-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x5b178336, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  176. 2020-11-20T16:27:30.355-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x11b76b4f, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  177. 2020-11-20T16:27:30.355-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x549e0254, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  178. 2020-11-20T16:27:30.356-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x4876ae93, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  179. 2020-11-20T16:27:30.359-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x351ad915, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  180. 2020-11-20T16:27:30.362-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x6f9ffba9, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  181. 2020-11-20T16:27:30.378-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x688b3260, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  182. 2020-11-20T16:27:30.378-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0x2b18ddea, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  183. 2020-11-20T16:27:30.389-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xd215e039, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  184. 2020-11-20T16:27:30.389-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x53ddc83a, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  185. 2020-11-20T16:27:30.390-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x3e36d53a, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  186. 2020-11-20T16:27:30.392-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x0e1259fa, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  187. 2020-11-20T16:27:30.398-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x6f1c5287, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  188. 2020-11-20T16:27:30.399-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xecad6a18, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  189. 2020-11-20T16:27:30.487-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x6ad8ebf8, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  190. 2020-11-20T16:27:30.487-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x259aab61, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  191. 2020-11-20T16:27:30.514-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xbd2ff88f, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  192. 2020-11-20T16:27:30.514-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xe414bed3, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  193. 2020-11-20T16:27:30.529-03:00 INFO [InputStateListener] Input [Syslog UDP/5a09dc89af963c03b73c3647] is now RUNNING
  194. 2020-11-20T16:27:30.531-03:00 INFO [InputStateListener] Input [Syslog UDP/5de115193bbc825575f5cd6e] is now RUNNING
  195. 2020-11-20T16:27:30.542-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0xfeafda5a, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  196. 2020-11-20T16:27:30.575-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xdd1d93a2, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  197. 2020-11-20T16:27:30.577-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xa4960328, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  198. 2020-11-20T16:27:30.577-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xe5e2d35a, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  199. 2020-11-20T16:27:30.579-03:00 INFO [InputStateListener] Input [Syslog UDP/59c90186af963c0396e166e4] is now RUNNING
  200. 2020-11-20T16:27:30.580-03:00 INFO [InputStateListener] Input [Syslog UDP/5bc0dc763bbc8203106b9925] is now RUNNING
  201. 2020-11-20T16:27:30.711-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xd6d55d8d, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  202. 2020-11-20T16:27:30.711-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x0db67685, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  203. 2020-11-20T16:27:30.711-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0x563eec02, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  204. 2020-11-20T16:27:30.712-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xacc01608, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  205. 2020-11-20T16:27:30.717-03:00 INFO [InputStateListener] Input [Syslog UDP/5ba13aae3bbc820310494f89] is now RUNNING
  206. 2020-11-20T16:27:30.718-03:00 INFO [InputStateListener] Input [Raw/Plaintext UDP/59db6a6caf963c03af1db25e] is now RUNNING
  207. 2020-11-20T16:27:30.719-03:00 INFO [InputStateListener] Input [Syslog UDP/59b1a628af963c249eaced4b] is now RUNNING
  208. 2020-11-20T16:27:30.741-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x3574a0a4, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  209. 2020-11-20T16:27:30.743-03:00 INFO [InputStateListener] Input [Syslog UDP/5eb337343bbc821e37698f1e] is now RUNNING
  210. 2020-11-20T16:27:30.748-03:00 INFO [InputStateListener] Input [Syslog UDP/5ec690e43bbc8233761d539c] is now RUNNING
  211. 2020-11-20T16:27:30.749-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x0a6585cd, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  212. 2020-11-20T16:28:47.044-03:00 INFO [Server] SIGNAL received. Shutting down.
  213. 2020-11-20T16:28:47.045-03:00 INFO [GracefulShutdown] Graceful shutdown initiated.
  214. 2020-11-20T16:28:47.046-03:00 INFO [GracefulShutdown] Node status: [Halting [LB:DEAD]]. Waiting <3sec> for possible load balancers to recognize state change.
  215. 2020-11-20T16:28:51.048-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5ec690e43bbc8233761d539c> [Syslog UDP].
  216. 2020-11-20T16:28:51.055-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5ec690e43bbc8233761d539c> closed. Took [6ms]
  217. 2020-11-20T16:28:51.055-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5a09dc89af963c03b73c3647> [Syslog UDP].
  218. 2020-11-20T16:28:51.060-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5a09dc89af963c03b73c3647> closed. Took [4ms]
  219. 2020-11-20T16:28:51.060-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5ba13aae3bbc820310494f89> [Syslog UDP].
  220. 2020-11-20T16:28:51.065-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5ba13aae3bbc820310494f89> closed. Took [5ms]
  221. 2020-11-20T16:28:51.065-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.59b1a628af963c249eaced4b> [Syslog UDP].
  222. 2020-11-20T16:28:51.068-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.59b1a628af963c249eaced4b> closed. Took [2ms]
  223. 2020-11-20T16:28:51.068-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.59c90186af963c0396e166e4> [Syslog UDP].
  224. 2020-11-20T16:28:51.073-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.59c90186af963c0396e166e4> closed. Took [4ms]
  225. 2020-11-20T16:28:51.073-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5bc0dc763bbc8203106b9925> [Syslog UDP].
  226. 2020-11-20T16:28:51.074-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5bc0dc763bbc8203106b9925> closed. Took [1ms]
  227. 2020-11-20T16:28:51.074-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5eb337343bbc821e37698f1e> [Syslog UDP].
  228. 2020-11-20T16:28:51.077-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5eb337343bbc821e37698f1e> closed. Took [3ms]
  229. 2020-11-20T16:28:51.077-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.raw.udp.RawUDPInput.59db6a6caf963c03af1db25e> [Raw/Plaintext UDP].
  230. 2020-11-20T16:28:51.081-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.raw.udp.RawUDPInput.59db6a6caf963c03af1db25e> closed. Took [3ms]
  231. 2020-11-20T16:28:51.081-03:00 INFO [InputSetupService] Attempting to close input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5de115193bbc825575f5cd6e> [Syslog UDP].
  232. 2020-11-20T16:28:51.082-03:00 INFO [InputSetupService] Input <org.graylog2.inputs.syslog.udp.SyslogUDPInput.5de115193bbc825575f5cd6e> closed. Took [1ms]
  233. 2020-11-20T16:28:51.098-03:00 INFO [Buffers] Waiting until all buffers are empty.
  234. 2020-11-20T16:28:51.099-03:00 INFO [Buffers] All buffers are empty. Continuing.
  235. 2020-11-20T16:28:51.100-03:00 INFO [OutputSetupService] Stopping output org.graylog2.outputs.BlockingBatchedESOutput
  236. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread].
  237. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] complete, took <0ms>.
  238. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.ClusterHealthCheckThread].
  239. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.ClusterHealthCheckThread] complete, took <0ms>.
  240. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexerClusterCheckerThread].
  241. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexerClusterCheckerThread] complete, took <0ms>.
  242. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexRetentionThread].
  243. 2020-11-20T16:28:51.103-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexRetentionThread] complete, took <0ms>.
  244. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexRotationThread].
  245. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexRotationThread] complete, took <0ms>.
  246. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.VersionCheckThread].
  247. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.VersionCheckThread] complete, took <0ms>.
  248. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.ThrottleStateUpdaterThread].
  249. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.ThrottleStateUpdaterThread] complete, took <0ms>.
  250. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.events.ClusterEventPeriodical].
  251. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.events.ClusterEventPeriodical] complete, took <0ms>.
  252. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.events.ClusterEventCleanupPeriodical].
  253. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.events.ClusterEventCleanupPeriodical] complete, took <0ms>.
  254. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.IndexRangesCleanupPeriodical].
  255. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.IndexRangesCleanupPeriodical] complete, took <0ms>.
  256. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.TrafficCounterCalculator].
  257. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.TrafficCounterCalculator] complete, took <0ms>.
  258. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.indexer.fieldtypes.IndexFieldTypePollerPeriodical].
  259. 2020-11-20T16:28:51.104-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.indexer.fieldtypes.IndexFieldTypePollerPeriodical] complete, took <0ms>.
  260. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog.scheduler.periodicals.ScheduleTriggerCleanUp].
  261. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog.scheduler.periodicals.ScheduleTriggerCleanUp] complete, took <0ms>.
  262. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog2.periodical.ESVersionCheckPeriodical].
  263. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog2.periodical.ESVersionCheckPeriodical] complete, took <0ms>.
  264. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog.plugins.sidecar.periodical.PurgeExpiredSidecarsThread].
  265. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog.plugins.sidecar.periodical.PurgeExpiredSidecarsThread] complete, took <0ms>.
  266. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog.plugins.sidecar.periodical.PurgeExpiredConfigurationUploads].
  267. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog.plugins.sidecar.periodical.PurgeExpiredConfigurationUploads] complete, took <0ms>.
  268. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog.plugins.views.search.db.SearchesCleanUpJob].
  269. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog.plugins.views.search.db.SearchesCleanUpJob] complete, took <0ms>.
  270. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog.events.periodicals.EventNotificationStatusCleanUp].
  271. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog.events.periodicals.EventNotificationStatusCleanUp] complete, took <0ms>.
  272. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutting down periodical [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread].
  273. 2020-11-20T16:28:51.105-03:00 INFO [PeriodicalsService] Shutdown of periodical [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] complete, took <0ms>.
  274. 2020-11-20T16:28:51.107-03:00 INFO [GracefulShutdownService] Running graceful shutdown for <2> shutdown hooks
  275. 2020-11-20T16:28:51.108-03:00 INFO [GracefulShutdownService] Initiate shutdown for <JobWorkerPool>
  276. 2020-11-20T16:28:51.108-03:00 INFO [GracefulShutdownService] Finished shutdown for <JobWorkerPool>, took 0 ms
  277. 2020-11-20T16:28:51.108-03:00 INFO [GracefulShutdownService] Initiate shutdown for <RestHighLevelClientProvider$$Lambda$331/1036227602>
  278. 2020-11-20T16:28:51.109-03:00 INFO [GracefulShutdownService] Finished shutdown for <RestHighLevelClientProvider$$Lambda$331/1036227602>, took 0 ms
  279. 2020-11-20T16:28:51.110-03:00 INFO [GracefulShutdown] Goodbye.
  280. 2020-11-20T16:28:51.110-03:00 INFO [JerseyService] Shutting down HTTP listener at <172.16.2.131:9000>
  281. 2020-11-20T16:28:51.114-03:00 INFO [LogManager] Shutting down.
  282. 2020-11-20T16:28:51.119-03:00 INFO [LookupTableService] Cache asn-cache-2/5d0255153bbc82032d37f487 [@7a86a672] STOPPING, was RUNNING
  283. 2020-11-20T16:28:51.123-03:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@1866aad7] STOPPING, was RUNNING
  284. 2020-11-20T16:28:51.131-03:00 INFO [LookupTableService] Cache queues2/5ee8fa9a326862721e884a34 [@49ed17c4] STOPPING, was RUNNING
  285. 2020-11-20T16:28:51.131-03:00 INFO [LookupTableService] Cache whois-cache/5a0ddf9baf963c0edc44fc62 [@110f4c6d] STOPPING, was RUNNING
  286. 2020-11-20T16:28:51.134-03:00 INFO [LookupTableService] Cache whois-cache/5a0ddf9baf963c0edc44fc62 [@110f4c6d] TERMINATED, was STOPPING
  287. 2020-11-20T16:28:51.131-03:00 INFO [LookupTableService] Cache asn-cache-2/5d0255153bbc82032d37f487 [@7a86a672] TERMINATED, was STOPPING
  288. 2020-11-20T16:28:51.135-03:00 INFO [LookupTableService] Cache queues2/5ee8fa9a326862721e884a34 [@49ed17c4] TERMINATED, was STOPPING
  289. 2020-11-20T16:28:51.135-03:00 INFO [LookupTableService] Data Adapter asn-adapter/5c6aac273bbc820e9060a043 [@1c7ba9cd] STOPPING, was RUNNING
  290. 2020-11-20T16:28:51.131-03:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@316385ae] STOPPING, was RUNNING
  291. 2020-11-20T16:28:51.135-03:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@316385ae] TERMINATED, was STOPPING
  292. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@1866aad7] TERMINATED, was STOPPING
  293. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7f79be22] STOPPING, was RUNNING
  294. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@64135161] STOPPING, was RUNNING
  295. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter otx-ip/5a0ddf9baf963c0edc44fc6c [@766ecdd3] STOPPING, was RUNNING
  296. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7f79be22] TERMINATED, was STOPPING
  297. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@64135161] TERMINATED, was STOPPING
  298. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter whois/5a0ddf9baf963c0edc44fc6a [@474e3c9d] STOPPING, was RUNNING
  299. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@7c24d038] STOPPING, was RUNNING
  300. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@7c24d038] TERMINATED, was STOPPING
  301. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter aria_json/5ee8de9d326862721e882bd2 [@2f96f1d1] STOPPING, was RUNNING
  302. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter queue-name-adapter/5c8114153bbc820783336b95 [@2f16a1b5] STOPPING, was RUNNING
  303. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter aria_json/5ee8de9d326862721e882bd2 [@2f96f1d1] TERMINATED, was STOPPING
  304. 2020-11-20T16:28:51.143-03:00 INFO [LookupTableService] Data Adapter queue-name-adapter/5c8114153bbc820783336b95 [@2f16a1b5] TERMINATED, was STOPPING
  305. 2020-11-20T16:28:51.142-03:00 INFO [LookupTableService] Data Adapter otx-ip/5a0ddf9baf963c0edc44fc6c [@766ecdd3] TERMINATED, was STOPPING
  306. 2020-11-20T16:28:51.143-03:00 INFO [LookupTableService] Data Adapter asn-adapter/5c6aac273bbc820e9060a043 [@1c7ba9cd] TERMINATED, was STOPPING
  307. 2020-11-20T16:28:51.147-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2c916636] STOPPING, was RUNNING
  308. 2020-11-20T16:28:51.147-03:00 INFO [LookupDataAdapterRefreshService] Stopping 0 jobs
  309. 2020-11-20T16:28:51.147-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2c916636] TERMINATED, was STOPPING
  310. 2020-11-20T16:28:51.147-03:00 INFO [LookupTableService] Data Adapter whois/5a0ddf9baf963c0edc44fc6a [@474e3c9d] TERMINATED, was STOPPING
  311. 2020-11-20T16:28:51.153-03:00 INFO [JournalReader] Stopping.
  312. 2020-11-20T16:28:51.168-03:00 INFO [NetworkListener] Stopped listener bound to [172.16.2.131:9000]
  313. 2020-11-20T16:28:51.197-03:00 INFO [LogManager] Shutdown complete.
  314. 2020-11-20T16:28:51.241-03:00 INFO [ServiceManagerListener] Services are now stopped.
  315. 2020-11-20T16:28:52.721-03:00 INFO [CmdLineTool] Loaded plugin: AWS plugins 4.0.0 [org.graylog.aws.AWSPlugin]
  316. 2020-11-20T16:28:52.724-03:00 INFO [CmdLineTool] Loaded plugin: Collector 4.0.0 [org.graylog.plugins.collector.CollectorPlugin]
  317. 2020-11-20T16:28:52.725-03:00 INFO [CmdLineTool] Loaded plugin: Threat Intelligence Plugin 4.0.0 [org.graylog.plugins.threatintel.ThreatIntelPlugin]
  318. 2020-11-20T16:28:52.725-03:00 INFO [CmdLineTool] Loaded plugin: SnmpPlugin 0.3.0 [org.graylog.snmp.SnmpPlugin]
  319. 2020-11-20T16:28:52.725-03:00 INFO [CmdLineTool] Loaded plugin: Elasticsearch 6 Support 4.0.0+9376305 [org.graylog.storage.elasticsearch6.Elasticsearch6Plugin]
  320. 2020-11-20T16:28:52.725-03:00 INFO [CmdLineTool] Loaded plugin: Elasticsearch 7 Support 4.0.0+9376305 [org.graylog.storage.elasticsearch7.Elasticsearch7Plugin]
  321. 2020-11-20T16:28:52.914-03:00 INFO [CmdLineTool] Running with JVM arguments: -Xms4g -Xmx4g -XX:NewRatio=1 -XX:+ResizeTLAB -XX:+UseConcMarkSweepGC -XX:+CMSConcurrentMTEnabled -XX:+CMSClassUnloadingEnabled -XX:+UseParNewGC -XX:-OmitStackTraceInFastThrow -XX:+UseParNewGC -Dlog4j.configurationFile=file:///etc/graylog/server/log4j2.xml -Djava.library.path=/usr/share/graylog-server/lib/sigar -Dgraylog2.installation_source=deb
  322. 2020-11-20T16:28:53.104-03:00 INFO [Version] HV000001: Hibernate Validator null
  323. 2020-11-20T16:28:55.640-03:00 INFO [InputBufferImpl] Message journal is enabled.
  324. 2020-11-20T16:28:55.658-03:00 INFO [NodeId] Node ID: ddbb0e96-67f6-4d67-b8f7-0d2e074b608b
  325. 2020-11-20T16:28:55.830-03:00 INFO [LogManager] Loading logs.
  326. 2020-11-20T16:28:55.889-03:00 INFO [LogManager] Logs loading complete.
  327. 2020-11-20T16:28:55.892-03:00 INFO [KafkaJournal] Initialized Kafka based journal at /var/lib/graylog-server/journal
  328. 2020-11-20T16:28:55.915-03:00 INFO [cluster] Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000}
  329. 2020-11-20T16:28:55.967-03:00 INFO [cluster] Cluster description not yet available. Waiting for 30000 ms before timing out
  330. 2020-11-20T16:28:55.979-03:00 INFO [connection] Opened connection [connectionId{localValue:1, serverValue:43}] to localhost:27017
  331. 2020-11-20T16:28:55.982-03:00 INFO [cluster] Monitor thread successfully connected to server with description ServerDescription{address=localhost:27017, type=STANDALONE, state=CONNECTED, ok=true, version=ServerVersion{versionList=[2, 6, 10]}, minWireVersion=0, maxWireVersion=2, maxDocumentSize=16777216, logicalSessionTimeoutMinutes=null, roundTripTimeNanos=1226468}
  332. 2020-11-20T16:28:55.994-03:00 INFO [connection] Opened connection [connectionId{localValue:2, serverValue:44}] to localhost:27017
  333. 2020-11-20T16:28:56.195-03:00 INFO [InputBufferImpl] Initialized InputBufferImpl with ring size <65536> and wait strategy <BlockingWaitStrategy>, running 4 parallel message handlers.
  334. 2020-11-20T16:28:56.465-03:00 INFO [ElasticsearchVersionProvider] Elasticsearch cluster is running v6.8.8
  335. 2020-11-20T16:28:56.505-03:00 INFO [AbstractJestClient] Setting server pool to a list of 1 servers: [http://172.16.2.240:9200]
  336. 2020-11-20T16:28:56.506-03:00 INFO [JestClientFactory] Using multi thread/connection supporting pooling connection manager
  337. 2020-11-20T16:28:56.564-03:00 INFO [JestClientFactory] Using custom ObjectMapper instance
  338. 2020-11-20T16:28:56.565-03:00 INFO [JestClientFactory] Node Discovery enabled...
  339. 2020-11-20T16:28:56.577-03:00 INFO [JestClientFactory] Idle connection reaping disabled...
  340. 2020-11-20T16:28:57.011-03:00 INFO [ProcessBuffer] Initialized ProcessBuffer with ring size <131072> and wait strategy <BlockingWaitStrategy>.
  341. 2020-11-20T16:28:57.269-03:00 INFO [OutputBuffer] Initialized OutputBuffer with ring size <131072> and wait strategy <BlockingWaitStrategy>.
  342. 2020-11-20T16:28:57.301-03:00 INFO [connection] Opened connection [connectionId{localValue:3, serverValue:45}] to localhost:27017
  343. 2020-11-20T16:28:57.997-03:00 INFO [ServerBootstrap] Graylog server 4.0.0+9376305 starting up
  344. 2020-11-20T16:28:57.997-03:00 INFO [ServerBootstrap] JRE: Private Build 1.8.0_275 on Linux 4.4.0-194-generic
  345. 2020-11-20T16:28:57.998-03:00 INFO [ServerBootstrap] Deployment: deb
  346. 2020-11-20T16:28:57.998-03:00 INFO [ServerBootstrap] OS: Ubuntu 16.04.7 LTS (xenial)
  347. 2020-11-20T16:28:57.998-03:00 INFO [ServerBootstrap] Arch: amd64
  348. 2020-11-20T16:28:58.028-03:00 INFO [PeriodicalsService] Starting 30 periodicals ...
  349. 2020-11-20T16:28:58.028-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThroughputCalculator] periodical in [0s], polling every [1s].
  350. 2020-11-20T16:28:58.034-03:00 INFO [Periodicals] Starting [org.graylog.plugins.pipelineprocessor.periodical.LegacyDefaultStreamMigration] periodical, running forever.
  351. 2020-11-20T16:28:58.035-03:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.AlertScannerThread] periodical. Not configured to run on this node.
  352. 2020-11-20T16:28:58.035-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.BatchedElasticSearchOutputFlushThread] periodical in [0s], polling every [1s].
  353. 2020-11-20T16:28:58.152-03:00 INFO [LegacyDefaultStreamMigration] Legacy default stream has no connections, no migration needed.
  354. 2020-11-20T16:28:58.155-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterHealthCheckThread] periodical in [120s], polling every [20s].
  355. 2020-11-20T16:28:58.169-03:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.ContentPackLoaderPeriodical] periodical. Not configured to run on this node.
  356. 2020-11-20T16:28:58.169-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.GarbageCollectionWarningThread] periodical, running forever.
  357. 2020-11-20T16:28:58.170-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexerClusterCheckerThread] periodical in [0s], polling every [30s].
  358. 2020-11-20T16:28:58.170-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRetentionThread] periodical in [0s], polling every [300s].
  359. 2020-11-20T16:28:58.170-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRotationThread] periodical in [0s], polling every [10s].
  360. 2020-11-20T16:28:58.171-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.NodePingThread] periodical in [0s], polling every [1s].
  361. 2020-11-20T16:28:58.171-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.VersionCheckThread] periodical in [300s], polling every [1800s].
  362. 2020-11-20T16:28:58.171-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ThrottleStateUpdaterThread] periodical in [1s], polling every [1s].
  363. 2020-11-20T16:28:58.171-03:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventPeriodical] periodical in [0s], polling every [1s].
  364. 2020-11-20T16:28:58.172-03:00 INFO [Periodicals] Starting [org.graylog2.events.ClusterEventCleanupPeriodical] periodical in [0s], polling every [86400s].
  365. 2020-11-20T16:28:58.172-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ClusterIdGeneratorPeriodical] periodical, running forever.
  366. 2020-11-20T16:28:58.173-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesMigrationPeriodical] periodical, running forever.
  367. 2020-11-20T16:28:58.173-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexRangesCleanupPeriodical] periodical in [15s], polling every [3600s].
  368. 2020-11-20T16:28:58.181-03:00 INFO [connection] Opened connection [connectionId{localValue:4, serverValue:46}] to localhost:27017
  369. 2020-11-20T16:28:58.197-03:00 INFO [connection] Opened connection [connectionId{localValue:5, serverValue:47}] to localhost:27017
  370. 2020-11-20T16:28:58.214-03:00 INFO [connection] Opened connection [connectionId{localValue:6, serverValue:48}] to localhost:27017
  371. 2020-11-20T16:28:58.214-03:00 INFO [PeriodicalsService] Not starting [org.graylog2.periodical.UserPermissionMigrationPeriodical] periodical. Not configured to run on this node.
  372. 2020-11-20T16:28:58.228-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ConfigurationManagementPeriodical] periodical, running forever.
  373. 2020-11-20T16:28:58.238-03:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7fe3c5e9] STARTING
  374. 2020-11-20T16:28:58.239-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2fcee274] STARTING
  375. 2020-11-20T16:28:58.239-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@118b4aeb] STARTING
  376. 2020-11-20T16:28:58.239-03:00 INFO [LookupTableService] Data Adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@3ad3f478] STARTING
  377. 2020-11-20T16:28:58.239-03:00 INFO [LookupTableService] Data Adapter asn-adapter/5c6aac273bbc820e9060a043 [@2a99d733] STARTING
  378. 2020-11-20T16:28:58.242-03:00 INFO [LookupTableService] Data Adapter otx-ip/5a0ddf9baf963c0edc44fc6c [@a9bb76b] STARTING
  379. 2020-11-20T16:28:58.243-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.IndexFailuresPeriodical] periodical, running forever.
  380. 2020-11-20T16:28:58.243-03:00 INFO [LookupTableService] Data Adapter whois/5a0ddf9baf963c0edc44fc6a [@4a2d2b1e] STARTING
  381. 2020-11-20T16:28:58.217-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68/@118b4aeb>
  382. org.graylog.plugins.threatintel.tools.AdapterDisabledException: Abuse.ch service is disabled, not starting adapter. To enable it please go to System / Configurations.
  383. at org.graylog.plugins.threatintel.adapters.abusech.AbuseChRansomAdapter.doStart(AbuseChRansomAdapter.java:96) ~[?:?]
  384. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  385. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  386. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  387. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  388. 2020-11-20T16:28:58.247-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.TrafficCounterCalculator] periodical in [0s], polling every [1s].
  389. 2020-11-20T16:28:58.248-03:00 INFO [Periodicals] Starting [org.graylog2.indexer.fieldtypes.IndexFieldTypePollerPeriodical] periodical in [0s], polling every [3600s].
  390. 2020-11-20T16:28:58.248-03:00 INFO [Periodicals] Starting [org.graylog.scheduler.periodicals.ScheduleTriggerCleanUp] periodical in [120s], polling every [86400s].
  391. 2020-11-20T16:28:58.248-03:00 INFO [Periodicals] Starting [org.graylog2.periodical.ESVersionCheckPeriodical] periodical in [0s], polling every [30s].
  392. 2020-11-20T16:28:58.248-03:00 INFO [Periodicals] Starting [org.graylog.plugins.sidecar.periodical.PurgeExpiredSidecarsThread] periodical in [0s], polling every [600s].
  393. 2020-11-20T16:28:58.248-03:00 INFO [Periodicals] Starting [org.graylog.plugins.sidecar.periodical.PurgeExpiredConfigurationUploads] periodical in [0s], polling every [600s].
  394. 2020-11-20T16:28:58.248-03:00 INFO [Periodicals] Starting [org.graylog.plugins.views.search.db.SearchesCleanUpJob] periodical in [3600s], polling every [28800s].
  395. 2020-11-20T16:28:58.249-03:00 INFO [Periodicals] Starting [org.graylog.events.periodicals.EventNotificationStatusCleanUp] periodical in [120s], polling every [86400s].
  396. 2020-11-20T16:28:58.249-03:00 INFO [Periodicals] Starting [org.graylog.plugins.collector.periodical.PurgeExpiredCollectorsThread] periodical in [0s], polling every [3600s].
  397. 2020-11-20T16:28:58.252-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <spamhaus-drop/5a0ddf9baf963c0edc44fc67/@7fe3c5e9>
  398. org.graylog.plugins.threatintel.tools.AdapterDisabledException: Spamhaus service is disabled, not starting (E)DROP adapter. To enable it please go to System / Configurations.
  399. at org.graylog.plugins.threatintel.adapters.spamhaus.SpamhausEDROPDataAdapter.doStart(SpamhausEDROPDataAdapter.java:85) ~[?:?]
  400. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  401. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  402. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  403. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  404. 2020-11-20T16:28:58.252-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d/@2fcee274>
  405. org.graylog.plugins.threatintel.tools.AdapterDisabledException: Abuse.ch service is disabled, not starting adapter. To enable it please go to System / Configurations.
  406. at org.graylog.plugins.threatintel.adapters.abusech.AbuseChRansomAdapter.doStart(AbuseChRansomAdapter.java:96) ~[?:?]
  407. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  408. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  409. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  410. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  411. 2020-11-20T16:28:58.255-03:00 ERROR [LookupDataAdapter] Couldn't start data adapter <tor-exit-node/5a0ddf9baf963c0edc44fc6b/@3ad3f478>
  412. org.graylog.plugins.threatintel.tools.AdapterDisabledException: TOR service is disabled, not starting TOR exit addresses adapter. To enable it please go to System / Configurations.
  413. at org.graylog.plugins.threatintel.adapters.tor.TorExitNodeDataAdapter.doStart(TorExitNodeDataAdapter.java:89) ~[?:?]
  414. at org.graylog2.plugin.lookup.LookupDataAdapter.startUp(LookupDataAdapter.java:79) [graylog.jar:?]
  415. at com.google.common.util.concurrent.AbstractIdleService$DelegateService$1.run(AbstractIdleService.java:62) [graylog.jar:?]
  416. at com.google.common.util.concurrent.Callables$4.run(Callables.java:119) [graylog.jar:?]
  417. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  418. 2020-11-20T16:28:58.256-03:00 INFO [LookupTableService] Data Adapter queue-name-adapter/5c8114153bbc820783336b95 [@61757a01] STARTING
  419. 2020-11-20T16:28:58.256-03:00 INFO [LookupTableService] Data Adapter aria_json/5ee8de9d326862721e882bd2 [@3602a9ab] STARTING
  420. 2020-11-20T16:28:58.256-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@118b4aeb] RUNNING
  421. 2020-11-20T16:28:58.257-03:00 INFO [LookupTableService] Data Adapter whois/5a0ddf9baf963c0edc44fc6a [@4a2d2b1e] RUNNING
  422. 2020-11-20T16:28:58.257-03:00 INFO [LookupTableService] Data Adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7fe3c5e9] RUNNING
  423. 2020-11-20T16:28:58.258-03:00 INFO [LookupTableService] Data Adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2fcee274] RUNNING
  424. 2020-11-20T16:28:58.275-03:00 INFO [LookupTableService] Data Adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@3ad3f478] RUNNING
  425. 2020-11-20T16:28:58.278-03:00 INFO [LookupTableService] Data Adapter asn-adapter/5c6aac273bbc820e9060a043 [@2a99d733] RUNNING
  426. 2020-11-20T16:28:58.278-03:00 INFO [LookupTableService] Data Adapter aria_json/5ee8de9d326862721e882bd2 [@3602a9ab] RUNNING
  427. 2020-11-20T16:28:58.279-03:00 INFO [LookupTableService] Data Adapter queue-name-adapter/5c8114153bbc820783336b95 [@61757a01] RUNNING
  428. 2020-11-20T16:28:58.278-03:00 INFO [LookupTableService] Data Adapter otx-ip/5a0ddf9baf963c0edc44fc6c [@a9bb76b] RUNNING
  429. 2020-11-20T16:28:58.345-03:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@5a901eb0] STARTING
  430. 2020-11-20T16:28:58.352-03:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@19fa40d8] STARTING
  431. 2020-11-20T16:28:58.352-03:00 INFO [LookupTableService] Cache whois-cache/5a0ddf9baf963c0edc44fc62 [@413c9dfa] STARTING
  432. 2020-11-20T16:28:58.352-03:00 INFO [LookupTableService] Cache asn-cache-2/5d0255153bbc82032d37f487 [@2487811c] STARTING
  433. 2020-11-20T16:28:58.360-03:00 INFO [LookupTableService] Cache queues2/5ee8fa9a326862721e884a34 [@8cf4100] STARTING
  434. 2020-11-20T16:28:58.382-03:00 INFO [LookupTableService] Cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@5a901eb0] RUNNING
  435. 2020-11-20T16:28:58.382-03:00 INFO [LookupTableService] Cache whois-cache/5a0ddf9baf963c0edc44fc62 [@413c9dfa] RUNNING
  436. 2020-11-20T16:28:58.382-03:00 INFO [LookupTableService] Cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@19fa40d8] RUNNING
  437. 2020-11-20T16:28:58.382-03:00 INFO [LookupTableService] Cache queues2/5ee8fa9a326862721e884a34 [@8cf4100] RUNNING
  438. 2020-11-20T16:28:58.382-03:00 INFO [LookupTableService] Cache asn-cache-2/5d0255153bbc82032d37f487 [@2487811c] RUNNING
  439. 2020-11-20T16:28:58.389-03:00 INFO [LookupTableService] Starting lookup table spamhaus-drop/5a0ddf9baf963c0edc44fc6f [@34f8bf02] using cache spamhaus-e-drop-cache/5a0ddf9baf963c0edc44fc63 [@5a901eb0], data adapter spamhaus-drop/5a0ddf9baf963c0edc44fc67 [@7fe3c5e9]
  440. 2020-11-20T16:28:58.389-03:00 INFO [LookupTableService] Starting lookup table whois/5a0ddf9baf963c0edc44fc70 [@405a48e6] using cache whois-cache/5a0ddf9baf963c0edc44fc62 [@413c9dfa], data adapter whois/5a0ddf9baf963c0edc44fc6a [@4a2d2b1e]
  441. 2020-11-20T16:28:58.390-03:00 INFO [LookupTableService] Starting lookup table tor-exit-node-list/5a0ddf9baf963c0edc44fc71 [@36e0029] using cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@19fa40d8], data adapter tor-exit-node/5a0ddf9baf963c0edc44fc6b [@3ad3f478]
  442. 2020-11-20T16:28:58.390-03:00 INFO [LookupTableService] Starting lookup table abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc73 [@289d5667] using cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@19fa40d8], data adapter abuse-ch-ransomware-domains/5a0ddf9baf963c0edc44fc6d [@2fcee274]
  443. 2020-11-20T16:28:58.390-03:00 INFO [LookupTableService] Starting lookup table abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc74 [@59ececd9] using cache threat-intel-uncached-adapters/5a0ddf9baf963c0edc44fc64 [@19fa40d8], data adapter abuse-ch-ransomware-ip/5a0ddf9baf963c0edc44fc68 [@118b4aeb]
  444. 2020-11-20T16:28:58.390-03:00 INFO [LookupTableService] Starting lookup table asn-lkt/5c6aac733bbc820e9060a098 [@4be3927a] using cache asn-cache-2/5d0255153bbc82032d37f487 [@2487811c], data adapter asn-adapter/5c6aac273bbc820e9060a043 [@2a99d733]
  445. 2020-11-20T16:28:58.390-03:00 INFO [LookupTableService] Starting lookup table q-lkp/5c81178c3bbc820783337630 [@38ffac67] using cache queues2/5ee8fa9a326862721e884a34 [@8cf4100], data adapter aria_json/5ee8de9d326862721e882bd2 [@3602a9ab]
  446. 2020-11-20T16:28:58.851-03:00 ERROR [ConfigurationManagementPeriodical] Error while running migration <V20190705071400_AddEventIndexSetsMigration{2019-07-05T07:14:00Z}>
  447. java.lang.IllegalStateException: Index prefix conflict: a non-events index-set with prefix <gl-events> already exists. Configure a different <default_events_index_prefix> value in the server config file.
  448. at org.graylog2.migrations.V20190705071400_AddEventIndexSetsMigration.checkIndexPrefixConflicts(V20190705071400_AddEventIndexSetsMigration.java:130) ~[graylog.jar:?]
  449. at org.graylog2.migrations.V20190705071400_AddEventIndexSetsMigration.ensureEventsStreamAndIndexSet(V20190705071400_AddEventIndexSetsMigration.java:111) ~[graylog.jar:?]
  450. at org.graylog2.migrations.V20190705071400_AddEventIndexSetsMigration.upgrade(V20190705071400_AddEventIndexSetsMigration.java:84) ~[graylog.jar:?]
  451. at org.graylog2.periodical.ConfigurationManagementPeriodical.doRun(ConfigurationManagementPeriodical.java:42) [graylog.jar:?]
  452. at org.graylog2.plugin.periodical.Periodical.run(Periodical.java:77) [graylog.jar:?]
  453. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  454. 2020-11-20T16:28:59.021-03:00 ERROR [ConfigurationManagementPeriodical] Error while running migration <V20200409083200_RemoveRootQueriesFromMigratedDashboards{2020-04-09T08:32:00Z}>
  455. com.mongodb.MongoWriteException: cannot use the part (queries of queries.$[elem].query.query_string) to traverse the element ({queries: [ { id: "00000170-0c48-aa03-8788-00505694f28c", timerange: { type: "relative", range: 300 }, query: { type: "elasticsearch", query_string: "" }, search_types: [ { id: "00000170-0c48-a9ff-8788-00505694f28c", timerange: { type: "keyword", keyword: "last 6 hours" }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_cause", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_cause", limit: 5, type: "values" } ], column_groups: [] }, { id: "00000170-0c48-aa01-8788-00505694f28c", timerange: { type: "relative", range: 21600 }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_nodo", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_nodo", limit: 5, type: "values" } ], column_groups: [] }, { id: "00000170-0c48-aa00-8788-00505694f28c", timerange: { type: "keyword", keyword: "last 6 hours" }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_cause", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_cause", limit: 50, type: "values" } ], column_groups: [] }, { id: "00000170-0c48-aa02-8788-00505694f28c", timerange: { type: "relative", range: 21600 }, query: { type: "elasticsearch", query_string: "source:tickets" }, streams: [], name: "chart", series: [ { type: "count", id: "count()", field: null } ], sort: [ { type: "series", field: "ticket_nodo", direction: "Descending" } ], rollup: true, type: "pivot", row_groups: [ { field: "ticket_nodo", limit: 50, type: "values" } ], column_groups: [] } ] } ]})
  456. at com.mongodb.client.internal.MongoCollectionImpl.executeSingleWriteRequest(MongoCollectionImpl.java:1060) ~[graylog.jar:?]
  457. at com.mongodb.client.internal.MongoCollectionImpl.executeUpdate(MongoCollectionImpl.java:1037) ~[graylog.jar:?]
  458. at com.mongodb.client.internal.MongoCollectionImpl.updateMany(MongoCollectionImpl.java:668) ~[graylog.jar:?]
  459. at org.graylog.plugins.views.migrations.V20200409083200_RemoveRootQueriesFromMigratedDashboards.upgrade(V20200409083200_RemoveRootQueriesFromMigratedDashboards.java:96) ~[graylog.jar:?]
  460. at org.graylog2.periodical.ConfigurationManagementPeriodical.doRun(ConfigurationManagementPeriodical.java:42) [graylog.jar:?]
  461. at org.graylog2.plugin.periodical.Periodical.run(Periodical.java:77) [graylog.jar:?]
  462. at java.lang.Thread.run(Thread.java:748) [?:1.8.0_275]
  463. 2020-11-20T16:29:17.315-03:00 INFO [NetworkListener] Started listener bound to [172.16.2.131:9000]
  464. 2020-11-20T16:29:17.316-03:00 INFO [HttpServer] [HttpServer] Started.
  465. 2020-11-20T16:29:17.316-03:00 INFO [JerseyService] Started REST API at <172.16.2.131:9000>
  466. 2020-11-20T16:29:17.317-03:00 INFO [ServiceManagerListener] Services are healthy
  467. 2020-11-20T16:29:17.317-03:00 INFO [InputSetupService] Triggering launching persisted inputs, node transitioned from Uninitialized [LB:DEAD] to Running [LB:ALIVE]
  468. 2020-11-20T16:29:17.317-03:00 INFO [ServerBootstrap] Services started, startup times in ms: {BufferSynchronizerService [RUNNING]=112, ConfigurationEtagService [RUNNING]=112, InputSetupService [RUNNING]=113, JournalReader [RUNNING]=113, UrlWhitelistService [RUNNING]=113, GracefulShutdownService [RUNNING]=114, JobSchedulerService [RUNNING]=119, OutputSetupService [RUNNING]=119, EtagService [RUNNING]=119, KafkaJournal [RUNNING]=120, MongoDBProcessingStatusRecorderService [RUNNING]=133, StreamCacheService [RUNNING]=157, PeriodicalsService [RUNNING]=237, LookupTableService [RUNNING]=376, JerseyService [RUNNING]=19303}
  469. 2020-11-20T16:29:17.326-03:00 INFO [ServerBootstrap] Graylog server up and running.
  470. 2020-11-20T16:29:17.365-03:00 INFO [InputStateListener] Input [Syslog UDP/59c90186af963c0396e166e4] is now STARTING
  471. 2020-11-20T16:29:17.366-03:00 INFO [InputStateListener] Input [Syslog UDP/5ba13aae3bbc820310494f89] is now STARTING
  472. 2020-11-20T16:29:17.367-03:00 INFO [InputStateListener] Input [Syslog UDP/5bc0dc763bbc8203106b9925] is now STARTING
  473. 2020-11-20T16:29:17.368-03:00 INFO [InputStateListener] Input [Syslog UDP/5de115193bbc825575f5cd6e] is now STARTING
  474. 2020-11-20T16:29:17.368-03:00 INFO [InputStateListener] Input [Syslog UDP/5ec690e43bbc8233761d539c] is now STARTING
  475. 2020-11-20T16:29:17.370-03:00 INFO [InputStateListener] Input [Raw/Plaintext UDP/59db6a6caf963c03af1db25e] is now STARTING
  476. 2020-11-20T16:29:17.370-03:00 INFO [InputStateListener] Input [Syslog UDP/59b1a628af963c249eaced4b] is now STARTING
  477. 2020-11-20T16:29:17.371-03:00 INFO [InputStateListener] Input [Syslog UDP/5a09dc89af963c03b73c3647] is now STARTING
  478. 2020-11-20T16:29:17.379-03:00 INFO [InputStateListener] Input [Syslog UDP/5eb337343bbc821e37698f1e] is now STARTING
  479. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0xfb08ff2a, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  480. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xa787ecda, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  481. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x62de39a6, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  482. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xdca252ad, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  483. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x3fa2f790, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  484. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x500c4f8d, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  485. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x5f2b929a, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  486. 2020-11-20T16:29:17.491-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x7ab7a83a, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  487. 2020-11-20T16:29:17.492-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x10b05986, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  488. 2020-11-20T16:29:17.495-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x2b6faf19, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  489. 2020-11-20T16:29:17.496-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xabdcdeef, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  490. 2020-11-20T16:29:17.496-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x7bd35077, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  491. 2020-11-20T16:29:17.505-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xa75f7605, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  492. 2020-11-20T16:29:17.505-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x688b4679, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  493. 2020-11-20T16:29:17.505-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0x5ca2c299, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  494. 2020-11-20T16:29:17.505-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x2e19866c, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  495. 2020-11-20T16:29:17.515-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x3d5f5529, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  496. 2020-11-20T16:29:17.515-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x9112af2f, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  497. 2020-11-20T16:29:17.516-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xff32123e, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  498. 2020-11-20T16:29:17.516-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x53820d2b, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  499. 2020-11-20T16:29:17.516-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xa732b853, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  500. 2020-11-20T16:29:17.521-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0xc1285130, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  501. 2020-11-20T16:29:17.522-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x19799d47, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  502. 2020-11-20T16:29:17.522-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x92250817, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  503. 2020-11-20T16:29:17.530-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xe7bcdd1e, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  504. 2020-11-20T16:29:17.546-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=DNS, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x084b0556, L:/0:0:0:0:0:0:0:0%0:5530]) should be 262144 but is 425984.
  505. 2020-11-20T16:29:17.550-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input RawUDPInput{title=Fastnetmon, type=org.graylog2.inputs.raw.udp.RawUDPInput, nodeId=null} (channel [id: 0x20d39f15, L:/0:0:0:0:0:0:0:0%0:5515]) should be 262144 but is 425984.
  506. 2020-11-20T16:29:17.551-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xac26de48, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  507. 2020-11-20T16:29:17.550-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Syslog UDP 5514, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xb9adf113, L:/0:0:0:0:0:0:0:0%0:5514]) should be 262144 but is 425984.
  508. 2020-11-20T16:29:17.556-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Bind non queries log, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xc3c3749b, L:/0:0:0:0:0:0:0:0%0:5522]) should be 262144 but is 425984.
  509. 2020-11-20T16:29:17.559-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x7281e350, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  510. 2020-11-20T16:29:17.626-03:00 INFO [InputStateListener] Input [Syslog UDP/5eb337343bbc821e37698f1e] is now RUNNING
  511. 2020-11-20T16:29:17.636-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Linux servers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x84e01edf, L:/0:0:0:0:0:0:0:0%0:5517]) should be 262144 but is 425984.
  512. 2020-11-20T16:29:17.636-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Tickets, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xfe5c49be, L:/0:0:0:0:0:0:0:0%0:5529]) should be 262144 but is 425984.
  513. 2020-11-20T16:29:17.638-03:00 INFO [InputStateListener] Input [Syslog UDP/5a09dc89af963c03b73c3647] is now RUNNING
  514. 2020-11-20T16:29:17.636-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Routers, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xcdf92a71, L:/0:0:0:0:0:0:0:0%0:5516]) should be 262144 but is 425984.
  515. 2020-11-20T16:29:17.650-03:00 INFO [InputStateListener] Input [Syslog UDP/5ec690e43bbc8233761d539c] is now RUNNING
  516. 2020-11-20T16:29:17.651-03:00 INFO [InputStateListener] Input [Syslog UDP/5ba13aae3bbc820310494f89] is now RUNNING
  517. 2020-11-20T16:29:17.652-03:00 INFO [InputStateListener] Input [Raw/Plaintext UDP/59db6a6caf963c03af1db25e] is now RUNNING
  518. 2020-11-20T16:29:17.653-03:00 INFO [InputStateListener] Input [Syslog UDP/59c90186af963c0396e166e4] is now RUNNING
  519. 2020-11-20T16:29:17.656-03:00 INFO [InputStateListener] Input [Syslog UDP/5de115193bbc825575f5cd6e] is now RUNNING
  520. 2020-11-20T16:29:17.687-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Firewall, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0x9920d752, L:/0:0:0:0:0:0:0:0%0:5519]) should be 262144 but is 425984.
  521. 2020-11-20T16:29:17.688-03:00 INFO [InputStateListener] Input [Syslog UDP/5bc0dc763bbc8203106b9925] is now RUNNING
  522. 2020-11-20T16:29:17.699-03:00 WARN [UdpTransport] receiveBufferSize (SO_RCVBUF) for input SyslogUDPInput{title=Unifi controller, type=org.graylog2.inputs.syslog.udp.SyslogUDPInput, nodeId=null} (channel [id: 0xc3bbdc02, L:/0:0:0:0:0:0:0:0%0:5521]) should be 262144 but is 425984.
  523. 2020-11-20T16:29:17.701-03:00 INFO [InputStateListener] Input [Syslog UDP/59b1a628af963c249eaced4b] is now RUNNING
  524. 2020-11-20T16:38:35.392-03:00 INFO [connection] Opened connection [connectionId{localValue:7, serverValue:49}] to localhost:27017
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!