I have fluentd configured to tail Apache and nginx logs and send them to graylog2 on gelf format.
I have a gelf (udp) input configured and can see messages coming in through it. However the messages are not broken into fields I can search or chart. I believe I still have to apply extractors to the gelf input in order to get the nicely broken down fields. My questions: 1. Since I have 3 logs types (for now, more will be added) coming through the same input, do I apply all the extractors to that 1 gelf input? 2. Will that affect responsiveness of the searches? Cheers, -Miguel -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
