Graylog2 v0.92 正式發布，支持 SSL/TLS

Graylog2 是一個用來將系統日志syslog保存到MongoDB中的工具。 包括一個用Java編寫的服務器，可接收來自TCP和UDP的syslog信息，Web接口使用Ruby編寫，基于 Rails 框架，可用來查看日志信息。

主要特性

• 通過 TCP/UDP 接收syslog信息

• 基于 MongoDB 的快速后端存儲

• GELF (Graylog Extended Log Format)

• 黑名單

• 過濾器

• 統計

Graylog2 v0.92 正式發布，此版本包括大量新特性，bug 修復和改進。

內容封裝

內容封裝綁定了 Graylog2 輸入，提取器，流，儀表板和輸出配置，可以提供完整的數據源支持。一些內容封裝是默認的，可以在這個網站下載，也可以使用 Graylog2 Web 頁面導入。 content pack for nginx

新來源頁面

新來源頁面提供動態分析和不同源代碼的導航，可以發送消息到你的 Graylog2 設置。

基于時間的保留清理

你可以選擇啟用基于時間的保留清理，舊的基于消息計數的策略還是默認的策略，當然，你也可以修改成基于時間的清理：

#elasticsearch_max_docs_per_index = 20000000

elasticsearch_max_size_per_index = 1073741824
 Permitted suffixes are: d for day, h for hour, m for minute, s for second.
elasticsearch_max_time_per_index = 1d
elasticsearch_max_number_of_indices = 20</pre>   
Graylog2 REST API 支持 SSL/TLS

Graylog2 REST API 現在開箱支持 SSL/TLS，提升了系統的安全性。之前的 HTTPS 代理需要部署在 REST API 之前：

   
rest_enable_tls (default: false): Option to activate SSL/TLS for the Graylog2 REST API
 

   
rest_tls_cert_file (default: empty): Path to the certificate file. If SSL/TLS is activated but this setting is empty, a temporary self-signed certificate will automatically be created.
 

   
rest_tls_key_file (default: empty): Path to the private key file. If SSL/TLS is activated but this setting is empty, a temporary private key will automatically be created.
 

   
rest_tls_key_password (default: empty): Optional passphrase to decrypt the private key.
 

  
其他值得關注的特性

   
[SERVER] IMPORTANT SECURITY FIX: It was possible to perform LDAP logins with crafted wildcards. (A big thank you to Jose Tozo who discovered this issue and disclosed it very responsibly.)
 

   
[SERVER] Generate a system notification if garbage collection takes longer than a configurable threshold.
 

   
[SERVER] Added several JVM-related metrics.
 

   
[SERVER] Added support for Elasticsearch 1.4.x which brings a lot of stability and resilience features to Elasticsearch clusters.
 

   
[SERVER] Made version check of Elasticsearch version optional. Disabling this check is not recommended.
 

   
[SERVER] Added an option to disable optimizing Elasticsearch indices on index cycling.
 

   
[SERVER] Added an option to disable time-range calculation for indices on index cycling.
 

   
[SERVER] Lots of other performance enhancements for large setups (i.e. involving several Radio nodes and multiple Graylog2 Servers).
 

   
[SERVER] Support for Syslog Octet Counting, as used by syslog-ng for syslog via TCP (#743)
 

   
[SERVER] Improved support for structured syslog messages (#744)
 

   
[SERVER] Bug fixes regarding IPv6 literals in mongodb_replica_set and elasticsearch_discovery_zen_ping_unicast_hosts
 

   
[WEB] Added additional details to system notification about Elasticsearch max. open file descriptors.
 

   
[WEB] Fixed several bugs and inconsistencies regarding time zones.
 

   
[WEB] Improved graphs and diagrams
 

   
[WEB] Allow to update dashboards when browser window is not on focus (#738)
 

   
[WEB] Bug fixes regarding timezone handling
 

   
…and of course numerous internal bug fixes
 

  
下載
http://www.graylog2.org/download
Elasticsearch 升級指南：

   
http://www.elasticsearch.org/guide/en/elasticsearch/reference/1.x/setup-upgrade.html#_0_90_x_and_earlier
 

   
http://www.elasticsearch.org/guide/en/elasticsearch/reference/1.x/setup-upgrade.html#restart-upgrade
 

  
更多內容請看發行說明。
 

 來自：http://www.oschina.net/news/57552/graylog2-0-92

                    

                        
 本文由用戶 jopen  自行上傳分享，僅供網友學習交流。所有權歸原作者，若您的權利被侵害，請聯系管理員。
                        
 轉載本站原創文章，請注明出處，并保留原始鏈接、圖片水印。
                        
 本站是一個以用戶分享為主的開源技術平臺，歡迎各類分享！
                        
 
本文地址：http://www.baiduhome.net/news/view/18f9863                        
                        
 Graylog2