Hi Chris On Tuesday, 15 March 2016 20:45:25 UTC+1, Chris Lajoie wrote: > > I think the difference is that the 2.x messages do not have a date.. could > that be what is causing the problem? >
Yes, that's probably the problem. The syslog parser in Graylog is rather strict and expects messages to be in the format described in RFC 3164 or RFC 5424. You might need to switch to a Raw UDP input and use extractors to get the structured information you need, see http://docs.graylog.org/en/1.3/pages/extractors.html for details. Cheers, Jochen -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/fc8ff494-a4ba-46d6-9679-77909b1bc89f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
