Hi Jochen, Thanks for the reply!
When you mention using structured syslog data through syslog, how does that work? Does graylog automatically detect structured data inside a standard syslog message? I tried including JSON blobs and key value pairs in my syslog message but it didn't seem to pick it up. Maybe I need to setup an extractor? Or would this be like CEE for rsyslog? Thanks for your help! -Russ On Monday, July 27, 2015 at 1:32:00 AM UTC-7, Jochen Schalanda wrote: > > Hi Russ, > > most third-party libraries only support sending GELF over UDP, some also > support TCP, and very few support GELF over TCP+TLS. For example our own > Java-based gelfclient (https://github.com/Graylog2/gelfclient) supports > all three modes. If you're missing a specific transport mode in some > library, you should contact the author of the respective project and see > what's required to get support for TLS into the library. > > The support for GELF over TCP+TLS is relatively new (introduced in Graylog > 1.0.0), so some libraries just lag behind or nobody really asked for > encrypted transport yet. > > FWIW you might work around this limitation by spanning a VPN underneath > the logging clients and the Graylog servers in order to move the encryption > to a "lower" layer in the stack or use structured syslog to include more > information in syslog messages sent to Graylog. > > > Cheers, > Jochen > > On Monday, 27 July 2015 10:15:50 UTC+2, Russ wrote: >> >> Hi Everyone, >> >> I'm trying to run graylog with a huge amount of incoming messages per >> second. To speed up indexing and make the data more easily queryable I'm >> interested in using GELF. When I do it over UDP it works perfectly; it's >> super efficient. >> >> However, I can't find much information (libraries/modules/etc for Java >> and Python) with folks logging in GELF over TCP with TLS. Unfortunately I >> have some requirements that won't allow me ship the messages over an >> unencrypted connection and am forced to used to TLS. I can solve for this >> now by using rsyslog but it's not in GELF format. >> >> I'm curious if I'm not finding anything about GELF over TLS because: >> >> (A) there is a reason this sort of thing shouldn't be done, >> (B) I'm not looking in the right places >> (C) Just hasn't been a library developed that does this yet. >> (D) Something else. >> >> I started prototyping something with Python (socket/ssl) to do it but >> didn't want to get too far down the path if there is something fundamental >> I'm missing. They GELF documentation mentions TCP introduces headaches >> which I can understand from a high level but I'm not so much of an expert >> to know if I'll get myself in over my head if I write something to do this. >> >> Thanks for your help! >> >> -Russ >> > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
