Fifth alpha of Graylog v2.0 Released With Message Processor Pipeline and Collector Sidecar
We’ve just released the fifth alpha of Graylog v2.0. If you missed the previous alphas, check out Alpha-1, Alpha-2, Alpha-3, and Alpha-4 to get caught up on the new features that we’ve already announced. This fifth alpha release includes a brand new Message Processor Pipeline, a Collector Sidecar, a filter for the Streams page, and some bug fixes and improvements.
Testing the alpha
This Alpha release is far from feature complete, but we would definitely appreciate your help with testing at this current state! Please submit issues at our GitHub graylog-server repo.
New documentation for 2.0 is also in progress, and we could use some help filling in the gaps as you explore the new version. If you’re interested in contributing to documentation for 2.0, please submit content at our GitHub documentation repo.
New Features since the Graylog v2.0 alpha-4 release
We want to make your experience sending messages to Graylog as easy and flexible as possible. That is why we are introducing the new Collector Sidecar. The Sidecar runs next to your favorite log collector (like fluentd or nxlog) and configures it for you. No more touching of configuration files and most importantly a central configuration from the Graylog web interface. Check out the screenshot to see how you can now configure nxlog remotely to send data to Graylog.
Those of you sending logs to Graylog through NXLog can start using the Collector Sidecar to manage its configuration from within the Graylog Web Interface. This first version only supports NXLog with a file input and a Windows EventLog input, but we will extend the Collector Sidecar to support multiple input types and log collector backends in the future. (e.g. rsyslog)
The Graylog Collector Sidecar runs on Linux, Windows and Mac OS X. You can download a DEB package and a Windows installer from the repository release page for now. We have also heard you and wrote it in Go instead of Java. This means you'll download a native binary instead and do not have to install any runtime dependencies like a JVM.
Message Processor Pipeline
Graylog has always provided several ways of processing log messages, but sometimes it's been a bit confusing to use or simply not flexible enough. With our new Message Processor Pipeline, we now provide you with a better and more powerful solution that suits all of your processing needs.
The Message Processor Pipeline allows you to write custom rules and combine these rules in different pipelines that can transform incoming messages in almost any way you want. It will also be possible to write plugins extending the set of functions you can use in rules, meaning that you will be able to extend the system to suit your specific needs. Please take into account that this is the first version of the processor and we are still working heavily on it, so things may break or not work exactly as expected.
You can find some initial documentation about it
Some of you manage tens or hundreds of streams, and sometimes it’s difficult to find the stream you’re looking for among all the options. This release includes a new filter on the Streams page that lets you filter streams by title or description.
- New Message Processor Pipeline, to make message processing more flexible and powerful: Graylog2/graylog-plugin-pipeline-processor, Graylog2/graylog2-server#1877
- New Collector Sidecar to manage collectors configuration from the web interface: Graylog2/graylog-plugin-collector, Graylog2/collector-sidecar, Graylog2/graylog2-server#1886
- Make rest permissions extensible via plugins: Graylog2/graylog2-server#1878
- Add back CSV search results export: Graylog2/graylog2-server#1879
- Add stream filter to streams page: Graylog2/graylog2-server#1897
- Add loggers page: Graylog2/graylog2-server#1900
Graylog server and web interface
- Fix user with correct permissions not allowed to view stream: Graylog2/graylog2-server#1887, Graylog2/graylog2-server#1902
- Make pattern to check Graylog-managed indices stricter: Graylog2/graylog2-server#1882, Graylog2/graylog2-server#1888
- Fix throughput counter: Graylog2/graylog2-server#1876
- Fix replay search link in dashboards: Graylog2/graylog2-server#1835
- Render server unavailable page more reliably: Graylog2/graylog2-server#1867
Graylog v2.0 Alpha can be downloaded from here.
Our virtual appliance in OVA format has also been updated for this release.
Docker and DEB/RPM packages are not yet available for this alpha release.
We need your feedback
We need feedback about what’s working and what’s broken in order to help everyone get the most out of Graylog 2.0. There are a variety of ways to provide feedback, all of which can be found on our community resources page:
- Report bugs and other issues in our GitHub graylog-server repo.
- Help with documentation in our GitHub documentation repo.
- Start a discussion in our Google Group mailing list.
- Or join the chatter on our #graylog Freenode IRC channel.
- New feature ideas are welcome in our product idea portal.
We’re super excited about releasing 2.0, and we value your feedback. So please go try out this release and let us know what you think!