c8y3
commented
1 year ago It should :) Sometimes it is only a matter of refreshing the web interface which is cached in the browser. Could you check the following things:
- check that variable
plugin_dirin the graylog configuration filegraylog.confis/usr/share/graylog-server/plugin/. In my case, it is/usr/share/graylog/plugin(so that's where I copy the jar).# Set plugin directory here (relative or absolute) plugin_dir = /usr/share/graylog/plugin - Does graylog loads the plugin at startup? In graylog logs, you should find a line that looks like that:
INFO : org.graylog2.bootstrap.CmdLineTool - Loaded plugin: Logging Alert Notification 5.1.0 [com.airbus-cyber-security.graylog.LoggingAlertPlugin] - Check the plugin is present on the node: in the web interface go to System / Nodes, then click on a node, the list of installed plugins should include a line with
Logging Alert Notification
As a last resort, you can try the docker-compose that we use for tests. It is present in the source repository. Clone the repository, go into directory runtime, create a directory graylog/plugin, copy the plugin jar in this directory, then do a docker-compose up. Once graylog has started, you should be able to log into http://127.0.0.1:9000/alerts/notifications/new and find the logging notification type.
If this works, from there, you can try to figure out the difference between this and your setup.
Hope this helps. Let us know. Cheers.
yuanfan2012
Environment 1、Graylog 5.1.2 2、upload graylog-plugin-logging-alert-5.1.0.jar to /usr/share/graylog-server/plugin/ 3、systemctl restart graylog-server
Alert——New Notification——Notification Type but I don't find "Logging Alert Notification " Type
