Hi Marius, Yes, sorry for that, that should be my first step, I just check the NXlog output, I don't know why is changing a value of the path
2016-05-23 10:08:24 ERROR apr_stat failed on file C:\Users cerdas\Desktop\Graylog2\prueba.log; The filename, directory name, or volume label syntax is incorrect. the correct path and the one is configured on Graylog is C:\Users \bcerdas\Desktop\Graylog2\prueba.log also that's the one on the configuration of nxlog, I have to add and scape in the path in order to work File "C:\Users\\bcerdas\Desktop\Graylog2\prueba.log" I have a couple of questions maybe they are not related: Since the only output supported from the nxlog is udp, if the server fails I will lose my messages? and I really find useful the old collector, even more because it was another graylog product so I feel more confident, are you planning to support it again, or add it into the sidecar supported collectors? that would be great. El lunes, 23 de mayo de 2016, 9:55:58 (UTC-6), Marius Sturm escribió: > Brian, > the idea of the Sidecar is that you can configure collectors like nxlog > through the web interface of Graylog. So if everything is setup correctly > you just do some clicks in the Graylog web ui and nxlog starts to read your > log file. > For a basic setup you need to create a new configuration under > System->Collectors->Manage configurations. When you open that configuration > you can create outputs (how should nxlog send log lines to Graylog) and > inputs (which file should nxlog read). The sidecar will then generate a > configuration file for nxlog and start the nxlog process on the target host. > So in the end you don't need to know much of the details of nxlog if you > just want to ingest some local log files. > If this doesn't work I need some error messages of either the Sidecar > itself or of NXLog, why it is not able to send logs back to Graylog. For > this purpose the Sidecar is writing a log file in C:\Program Files > (x86)\graylog\collector-sidecar. Also the output of NXlog is written there > in a seperate file, you can look into both for errors. > > On 23 May 2016 at 17:03, Bryan Cerdas <[email protected] <javascript:>> > wrote: > >> Hi Marius, >> >> The issue basically is that in our current configuration, we are using >> the old collector, it reads the log files and send the entries to Graylog, >> now I wanted to do the same with the sidecar, im not very familiar with the >> nxlog, I already configure it to send the windows events logs to the >> server, that's not what I wanted but it was like a lab for me, now im >> trying to read the log files using the nxlog but im not receiving anything >> in the server, I was wondering if there is any example of the nxlog using >> the sidecar for reading from a log file. >> >> Thanks in advance. >> >> El lunes, 23 de mayo de 2016, 3:12:40 (UTC-6), Marius Sturm escribió: >> >>> Hi, >>> could you please explain a little bit what's the problem you are facing? >>> >>> On 17 May 2016 at 18:59, Bryan Cerdas <[email protected]> wrote: >>> >>>> Hello, >>>> >>>> Im testing the new sidecar collector, we used to have the old one, but >>>> im not being able to send the information from the log file to Graylog, i >>>> was able to set it up to read the windows event log. using the nxlog, but >>>> i >>>> need some help to configure the nexlog from Graylog to read a log file. >>>> >>>> Regards. >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Graylog Users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/graylog2/bf0853e6-be61-448a-9160-57ac8f844da6%40googlegroups.com >>>> >>>> <https://groups.google.com/d/msgid/graylog2/bf0853e6-be61-448a-9160-57ac8f844da6%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >>> >>> -- >>> Developer >>> >>> Tel.: +49 (0)40 609 452 077 >>> Fax.: +49 (0)40 609 452 078 >>> >>> TORCH GmbH - A Graylog Company >>> Poolstraße 21 >>> 20335 Hamburg >>> Germany >>> >>> https://www.graylog.com <https://www.torch.sh/> >>> >>> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 >>> Geschäftsführer: Lennart Koopmann (CEO) >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Graylog Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/f8c8037a-1c61-4f7a-875e-6ce3baa7e64a%40googlegroups.com >> >> <https://groups.google.com/d/msgid/graylog2/f8c8037a-1c61-4f7a-875e-6ce3baa7e64a%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Developer > > Tel.: +49 (0)40 609 452 077 > Fax.: +49 (0)40 609 452 078 > > TORCH GmbH - A Graylog Company > Poolstraße 21 > 20335 Hamburg > Germany > > https://www.graylog.com <https://www.torch.sh/> > > Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 > Geschäftsführer: Lennart Koopmann (CEO) > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/fc31d33b-38b7-4627-89f1-c8c0522609fb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
