Hi Jochen,
Sorry, did not see this. I did not get any notification that someone
replied to this. I am new to google groups.
I used netcat to send data on tcp raw data input finally. Since,my primary
objective is to test its ability to parse our logs(which are nested
structures)
while read x; do echo "$x"|nc IP 5556;done <error_case.log
That is where most of the open source splunk alternatives fail with our use
case. This functionality is very critical to us.
I also replied to you on another thread, pasting here as well
We are looking for something that parses our nested json logs. I tested
graylog but it fails at parsing nested arrays. Not even flattening
structures helps. Any suggestions?
For example:
abc[[{t=value1, v=154.99}, {t=value2, v=0.0}]]
flatten structures=enable or disabled in json extractor, it remains the
same.
Thanks
Tushar
However
On Tuesday, December 29, 2015 at 4:36:57 AM UTC-8, Jochen Schalanda wrote:
>
> Hi,
>
> did you start a GELF TCP input on the Graylog server you're trying to send
> the messages to and is it accessible from the machine the Graylog Collector
> is running on?
>
> Additionally, the type setting for the GELF output in the Graylog
> Collector configuration is wrong. It should be "gelf" instead of "file"
> (see http://docs.graylog.org/en/latest/pages/collector.html#gelf-output).
>
>
> Cheers,
> Jochen
>
> On Monday, 28 December 2015 13:49:05 UTC+1, Tushar Goel wrote:
>>
>> Hi,
>>
>> Testig to send json logs to GRAYLog.
>> Getting below error in graylogcollector-stdout.2015-12-28
>>
>> 2015-12-28T04:46:13.626-0800 ERROR [gelfTcpTransport-1-1]
>> gelfclient.transport.GelfTcpTransport - Connection failed: Connection
>> refused: no further information: /XX.XXX.XXX.XX:12201
>>
>> Please advice.
>> Here is my collector.conf
>>
>> server-url = "http://XX.XXX.XXX.XX:12900/";
>>
>> inputs {
>> xbec_transactions {
>> type = "file"
>> path = "C:\\Users\\tugoel\\Documents\\GSP\\Temp\\xbec_transactions.log"
>> charset = "utf-8"
>> content-splitter = "newline"
>> }
>> //win-eventlog-system {
>> // type = "windows-eventlog"
>> // source-name = "System"
>> // poll-interval = "1s"
>> //}
>> // win-eventlog-security {
>> // type = "windows-eventlog"
>> // source-name = "Security"
>> // poll-interval = "1s"
>> // }
>> }
>>
>> outputs {
>> gelf-tcp {
>> type = "file"
>> host = "XX.XXX.XXX.XX"
>> port = 12201
>> }
>> }
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/ded8e968-1330-42ad-b5fc-1cad04ed6249%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
