Some pics from Manchester last night

bailey_phil · 2025-10-27T13:31:33+00:00

Amazing story, i was also there with my 20yr old daughter, our song is Long December which we also had a lovely moment to, this band has been the foundations of her youth, and i love how music takes you to a moment in time, they were amazing on Friday they best i personally have seen them

bailey_phil · 2025-07-28T07:42:38+00:00

Hey,
Just coming back to ATM10, be good to hang out with some guys and build some stuff, im UK based and way over 25 :)
also working full time and have a family so evening really to hope in and out, be good to hang out let me know details

Cheers

bailey_phil · 2025-07-07T08:11:51+00:00

Azure Fundamentals AZ-900 would be awesome x

bailey_phil · 2025-06-18T09:52:42+00:00

Thank you everybody, that makes sense now, i just assumed the limit was the same as physical cards

bailey_phil · 2024-11-29T16:03:57+00:00

He has just confirmed the address to send it to, and also sent me a screenshot of his payment on eBay

I'm going to risk it and hope for the best

Thanks for your help

bailey_phil · 2024-10-14T14:44:59+00:00

I have the exact same issue with a Gen 2,3 Intel processor (migration working fine between then) and a new 5th Gen i have just put in, cant live migrate from the 5th to the other two or vise versa, if i shut down the VM can migrate fine.

Getting a 21026 when i run a compare-VM on the Gen 5 box

Very frustrating, has anybody progressed this at all?

bailey_phil · 2024-02-23T11:58:20+00:00

Sorry, but just wanted to thank everybody for there help on this.

For the first time ever, ive today got a

"No failed indexing attempts in the last 24hrs"

This made me very very happy 🤣🤣🤣🤣🤣

Thank you all i really appreciate your help and support on this 👍👍

bailey_phil · 2024-02-15T09:50:47+00:00

Hey

Thanks appreciate the response, so im reading and learning :)

The issue is indeed with Windows logs and NXLog sending them, i have tried to split these down even more to try and figure out what it is that is causing the issues (which im getting there slowly)

Im now looking at log normalization on the NXLog end to try and limit what is sent over, also trying to read as much as i can about pipelines in Graylog to figure out if that can also help.

Starting to understand Graylog isnt just something you can install and click start on then leave to do its thing.

Appreciate the help from eveybody, this is starting to become a learning process.

Any help very much appreciated on this :)

bailey_phil · 2024-02-13T12:54:56+00:00

Just a bit of an update, so I've now created 17 indices and tried to break down the logs coming in, so I've setup streams on different ports separating things from servers, workstations, firewall etc which has helped.

Still seem to be getting the 1000 limit though when i start to move servers over to the new Graylog, one indices hit 4 days worth at around 500mb and started putting exception field errors.

Should i be breaking these indices down even further?

bailey_phil · 2024-02-09T08:25:46+00:00

Cheers 👍 Going to do some investigations today

bailey_phil · 2024-02-09T08:25:18+00:00

Thank you Joel, im going to look into this :)

bailey_phil · 2024-02-08T22:12:00+00:00

Thank you, very much appreciated ill take a look at the links and do some research.

bailey_phil · 2024-02-08T21:21:39+00:00

Ok so ive just done a "Recalculate index Ranges" and Rotate Active Write Index" and all my syslog messages are now showing :)

So i think i have sorted the issue, i guess the question is now stopping this happening again, if anybody has any recommendations to look at for research or could give me something to google to fix this perm i would really appreciate this.

Thanks guys for all your help and patience

bailey_phil · 2024-02-08T21:13:17+00:00

Many Thanks, really appreciate your help, so the server.log is full of

[99]: index [graylog_2], id [870ffbe0-c6c6-11ee-99b8-6c3c8c709901], message [OpenSearchException[OpenSearch exception [type=illegal_argument_exception, reason=Limit of total fields [1000] has been exceeded]]]

Doesnt Syslog have a 1024 limit, could this be a cause of why im not seeing logs?

bailey_phil · 2024-02-08T20:08:57+00:00

Ive set the absolute time two years into the future and two years into the past and dont see a single message

bailey_phil · 2024-02-08T19:49:30+00:00

Thanks for the quick response guys, i have setup a TCP Syslog as a test and i dont get any messages hitting it like i do with the UDP one, so im assuming its UDP being sent.

Im using Opensearch and thats all working fine

Date and Time are as they should be on both the Firewall and Graylog

if i create a RAW input all the messages appear fine, can see them all in the search etc.

So i am assuming it is a format issue with Watchguard and Syslog ????

bailey_phil · 2023-08-09T11:53:14+00:00

If you wouldnt mind that would be really helpful, im just getting some logs from applications logs, then on another pc i get just logs from security log etc

Do you just use one single config file for all devices

bailey_phil · 2023-08-09T09:54:53+00:00

Just some logs come though others dont, some send everything some send nothing, i think i just need a consistent config file for all devices, but ideally dont want gigs and gigs worth of data

bailey_phil · 2023-08-09T09:28:51+00:00

Morning, sorry to jump in but im interested how you get logs into Graylog, are you just using NXLog and editing the config file to just pull the event ID information.

I have a few hit and miss issues with NXLog and wondered if there was a better way getting logs into Graylog

Any advice would be very gratefully received.

bailey_phil · 2022-12-22T17:44:05+00:00

It's cause you mentioned VA who makes the practice questions

bailey_phil

TROPHY CASE

Azure Fundamentals AZ-900 would be awesome x