Hi Has anyone managed to get the syslogd utility in 'sysklogd' to send RFC 5424 compliant syslog messages to Graylog? We use this package for syslog output in Oracle Linux x86_64
I have tried both of the following in /etc/syslog.conf and whilst it doesn't error when syslogd is restarted, no syslog messages are received by Graylog: $template GRAYLOGRFC5424,"<%PRI%>%PROTOCOL-VERSION% %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\n" *.* @my.server.org:514;GRAYLOGRFC5424 or *.* @my.server.org:514;RSYSLOG_SyslogProtocol23Format The only configuration I can get to work is a simple UDP syslog config: *.* @my.server.org Thanks for your help Richard M -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/6dcc8660-ed22-43c6-8499-0a2eae12b35c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
