I have configured a GELF TCP source in Graylog. I have one Windows 10 box
sending to the Graylog server using nxlog. I can see successful connections
in the nxlog logs. From the Graylog Inputs screen it is showing messages
coming in, around 4 messages per second. This is about right for this
source. When I click on the Show Received Messages, I don't see any
messages, however. When I configure the source to send with GELF UDP, I can
see the messages no problem. I have no idea why I can't get TCP to work.
Below are some of my configs.
nxlog set for *TCP *output and I do not see the messages in Graylog:
<Output graylog>
Module om_tcp
Host 147.xx.xx.xxx (I am not revealing my true IP)
Port 12205
OutputType GELF
Exec file_write("C:\\Program Files
(x86)\\nxlog\\data\\nxlog_output.log", $raw_event);
</Output>
nxlog set for *UDP *output and I do see the messages in Graylog:
<Output graylog>
Module om_udp
Host 147.xx.xx.xxx
Port 12201
OutputType GELF
Exec file_write("C:\\Program Files
(x86)\\nxlog\\data\\nxlog_output.log", $raw_event);
</Output>
Graylog GELF UDP source and I can see messages:
- override_source:
- recv_buffer_size: 1048576
- bind_address: 0.0.0.0
- port: 12201
Graylog GELF TCP source and I can see traffic on the Inputs screen but see
nothing when I click on Show Received Messages:
- recv_buffer_size: 1048576
- port: 12205
- tls_key_file: username
- tls_key_password: *******
- use_null_delimiter: true
- tls_client_auth_cert_file:
- max_message_size: 2097152
- tls_client_auth: optional
- override_source:
- bind_address: 0.0.0.0
- tls_cert_file:
Any help would be appreciated.
Beth
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/272603ed-f8b8-492e-b4c0-3219e8d8bf6d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
