Hello All, I'm new to graylog so bare with me if I'm asking a stupid question, but the little bit a research I've done on this subject hasn't been as fruitful as I've hoped. I have a syslog server with years of archived logs where the logs are arranged under a directory structure like /logs/$hostip/$year/$month/$day/$facility/$facility.log, and any long older than 3 days is compressed to conserve space. I want to import these logs into graylog and it looks like the most common tools used for importing log files is graylog-collector or logstash, but from looking at configuration examples it looks like these tools only monitor individual log files and cannot recursively traverse a directory structure and send the logs.
Are the collector or logstash able to traverse a directory structure and send any files it finds to graylog? If this is possible can someone provide or point me to some configuration examples? Also would the compressed logs need to be unpacked before sending them to the server? If the tools are not able to traverse a directory structure can someone provide some guidance on an alternate method to import the logs? I came across someone using netcat, but it wasn't overly apparent how they accomplished the task. Scripting something to rip down the directory structure and pipe the files through whatever filters are need to send them to the server is simple enough, I just want to ensure I've setup the correct inputs on the server. Thanks! -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/b1770456-c27c-4fb3-834c-2035bee80c48%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
