Hi Drew, I was able to import a sampling of the logs, using a syslog and/or RAW UDP inputs and netcat, however I'm not happy with the results because graylog did not preserve the data/time/host and instead set the data/time it received those entries and the host where the import was performed from, rather than the host the entry was created on. From the researching/googling I've done this appears to be a common issue, and one where I've yet to see a solution provided or explained.
I'll give nxlog a go and see if it's able to address this issue, thanks for the recommendation! -- Later, Darin On Wed, Dec 2, 2015 at 9:20 PM, Drew Miranda <[email protected]> wrote: > I did something similar as a proof of concept but it was far from elegant. > > In short: > > 1. Use nxlog to listen to a file and configure a rule that uses the date of > the log message and not the current date (which it would do if we don't > create this rule) > 2. Use something that reads your log file(s) one line at a time and appends > each line to the file being monitored by nxlog > > *in some cases the date time format is not directly parseable by nxlog and a > script is required to parse on the correct format. > > https://nxlog.org/node/295#idp9098336 > > Sorry this is so convoluted. This is a feature that has been requested so it > is possible we may see a native way to do this in the future. > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/e956ec6d-3f94-40be-a3c8-147ea7502ed2%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CADaviKvheJhxtbMuB6Hyru%2B4--328L_FSgk5wC5xY5cCqdzb_w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
