Brian, the idea of the Sidecar is that you can configure collectors like nxlog through the web interface of Graylog. So if everything is setup correctly you just do some clicks in the Graylog web ui and nxlog starts to read your log file. For a basic setup you need to create a new configuration under System->Collectors->Manage configurations. When you open that configuration you can create outputs (how should nxlog send log lines to Graylog) and inputs (which file should nxlog read). The sidecar will then generate a configuration file for nxlog and start the nxlog process on the target host. So in the end you don't need to know much of the details of nxlog if you just want to ingest some local log files. If this doesn't work I need some error messages of either the Sidecar itself or of NXLog, why it is not able to send logs back to Graylog. For this purpose the Sidecar is writing a log file in C:\Program Files (x86)\graylog\collector-sidecar. Also the output of NXlog is written there in a seperate file, you can look into both for errors.
On 23 May 2016 at 17:03, Bryan Cerdas <[email protected]> wrote: > Hi Marius, > > The issue basically is that in our current configuration, we are using the > old collector, it reads the log files and send the entries to Graylog, now > I wanted to do the same with the sidecar, im not very familiar with the > nxlog, I already configure it to send the windows events logs to the > server, that's not what I wanted but it was like a lab for me, now im > trying to read the log files using the nxlog but im not receiving anything > in the server, I was wondering if there is any example of the nxlog using > the sidecar for reading from a log file. > > Thanks in advance. > > El lunes, 23 de mayo de 2016, 3:12:40 (UTC-6), Marius Sturm escribió: > >> Hi, >> could you please explain a little bit what's the problem you are facing? >> >> On 17 May 2016 at 18:59, Bryan Cerdas <[email protected]> wrote: >> >>> Hello, >>> >>> Im testing the new sidecar collector, we used to have the old one, but >>> im not being able to send the information from the log file to Graylog, i >>> was able to set it up to read the windows event log. using the nxlog, but i >>> need some help to configure the nexlog from Graylog to read a log file. >>> >>> Regards. >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Graylog Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/graylog2/bf0853e6-be61-448a-9160-57ac8f844da6%40googlegroups.com >>> <https://groups.google.com/d/msgid/graylog2/bf0853e6-be61-448a-9160-57ac8f844da6%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Developer >> >> Tel.: +49 (0)40 609 452 077 >> Fax.: +49 (0)40 609 452 078 >> >> TORCH GmbH - A Graylog Company >> Poolstraße 21 >> 20335 Hamburg >> Germany >> >> https://www.graylog.com <https://www.torch.sh/> >> >> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 >> Geschäftsführer: Lennart Koopmann (CEO) >> > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/f8c8037a-1c61-4f7a-875e-6ce3baa7e64a%40googlegroups.com > <https://groups.google.com/d/msgid/graylog2/f8c8037a-1c61-4f7a-875e-6ce3baa7e64a%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Developer Tel.: +49 (0)40 609 452 077 Fax.: +49 (0)40 609 452 078 TORCH GmbH - A Graylog Company Poolstraße 21 20335 Hamburg Germany https://www.graylog.com <https://www.torch.sh/> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 Geschäftsführer: Lennart Koopmann (CEO) -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAMqbBb%2BX8nvHqb_veCJcKA-t0WB%3DZrjZXHdrtueEd-6cpp6vTg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
