Hi Santiago, how exactly are you sending the Windows Event Logs to Graylog? You can use either nxlog or the new Graylog Collector ( http://docs.graylog.org/en/1.1/pages/collector.html) for this. If you're using nxlog, please post your configuration file.
If you're starting from scratch, I'd recommend using the Graylog Collector for the best overall experience and integration with Graylog. Cheers, Jochen On Monday, 29 June 2015 08:51:53 UTC+2, Santiago Fernandez wrote: > > Dear , good afternoon . > > > I recently installed a Graylog Server . I'm trying collect data of a > Windows XP, to try. > > > Both teams are on the network 192.168.0.0/24 > > > First, create the inbound rule. GELF UDP on port 12201 . > > > > <https://lh3.googleusercontent.com/-zQkwMkwLUO8/VZCK7cV6bWI/AAAAAAAAF-c/09c_Cn_Nsls/s1600/input.png> > > > > Then install SNARE and send the syslog to the address TCP / IP Server. > Restart the services , but nothing. Any concept , I have erred. > > > > <https://lh3.googleusercontent.com/-Shme0TNL_Cc/VZCK_kss4OI/AAAAAAAAF-k/PAnHTIvhxPg/s1600/snare.png> > > > > > Both Firewall disabled. I have communication or ICMP between the teams. > Any recommendation? > > > If you proved NXLOG have some configuration file ? To use as a guide. > > > Thanks for All from Argentine! > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
