In this scenario I would start with nxlog only. You don't need necessarily the sidecar for a first experiment. Just start nxlog with a proper configuration and see if you receive events in Graylog.
On 24 May 2016 at 14:42, rvb n <[email protected]> wrote: > Hi > > I know am disturbing you , but i have no option sorry, i am very new to > graylog so pls help me. as you said i have changed config in nxlog after > that am getting this error. > > 016-05-24 18:07:12 ERROR failed to open C:\Program Files > (x86)\graylog\collector-sidecar; Access is denied. > 2016-05-24 18:07:20 ERROR failed to open C:\Program Files > (x86)\graylog\collector-sidecar; Access is denied. > 2016-05-24 18:07:36 ERROR failed to open C:\Program Files > (x86)\graylog\collector-sidecar; Access is denied. > 2016-05-24 18:08:08 ERROR failed to open C:\Program Files > (x86)\graylog\collector-sidecar; Access is denied. > 2016-05-24 18:09:12 ERROR failed to open C:\Program Files > (x86)\graylog\collector-sidecar; Access is denied. > > > On Tuesday, 24 May 2016 17:43:15 UTC+5:30, Marius Sturm wrote: >> >> Hi, >> you have to start an input on the Graylog AMI by going to System -> >> Inputs. You can take a Gelf-TCP input for example. And then configure nxlog >> to send to the AMI IP like: >> >> <Output out> >> Module om_tcp >> Host 52.207.254.128 >> Port 12201 >> OutputType GELF_TCP >> </Output> >> >> Make sure that the port 12201 is open from your local machine by setting >> the security group right in EC2. >> >> On 24 May 2016 at 13:39, rvb n <[email protected]> wrote: >> >>> >>> >>> *This is my collector -sidecar config* >>> >>> server_url: http://52.207.254.128:12900 >>> node_id: graylog-collector-sidecar >>> collector_id: file:C:\Program Files >>> (x86)\graylog\collector-sidecar\collector-id >>> tags: windows >>> log_path: C:\Program Files (x86)\graylog\collector-sidecar >>> update_interval: 10 >>> backends: >>> - name: nxlog >>> enabled: true >>> binary_path: C:\Program Files (x86)\nxlog\nxlog.exe >>> configuration_path: C:\Program Files >>> (x86)\graylog\collector-sidecar\generated\nxlog.conf >>> >>> *This is my nxlog.conf* >>> >>> ## This is a sample configuration file. See the nxlog reference manual >>> about the >>> ## configuration options. It should be installed locally and is also >>> available >>> ## online at http://nxlog.org/docs/ >>> >>> ## Please set the ROOT to the folder your nxlog was installed into, >>> ## otherwise it will not start. >>> >>> #define ROOT C:\Program Files\nxlog >>> define ROOT C:\Program Files (x86)\nxlog >>> >>> Moduledir %ROOT%\modules >>> CacheDir %ROOT%\data >>> Pidfile %ROOT%\data\nxlog.pid >>> SpoolDir %ROOT%\data >>> LogFile %ROOT%\data\nxlog.log >>> >>> <Extension _syslog> >>> Module xm_syslog >>> </Extension> >>> >>> <Input in> >>> Module im_msvistalog >>> # For windows 2003 and earlier use the following: >>> # Module im_mseventlog >>> </Input> >>> >>> <Output out> >>> Module om_tcp >>> Host 192.168.1.102 >>> Port 514 >>> Exec to_syslog_snare(); >>> </Output> >>> >>> <Route 1> >>> Path in => out >>> </Route> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Graylog Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/graylog2/752e795a-2f56-4368-9bdf-02e22bddb12d%40googlegroups.com >>> <https://groups.google.com/d/msgid/graylog2/752e795a-2f56-4368-9bdf-02e22bddb12d%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Developer >> >> Tel.: +49 (0)40 609 452 077 >> Fax.: +49 (0)40 609 452 078 >> >> TORCH GmbH - A Graylog Company >> Poolstraße 21 >> 20335 Hamburg >> Germany >> >> https://www.graylog.com <https://www.torch.sh/> >> >> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 >> Geschäftsführer: Lennart Koopmann (CEO) >> > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/46d34ec3-ea34-476e-ab28-03edc5a7ec94%40googlegroups.com > <https://groups.google.com/d/msgid/graylog2/46d34ec3-ea34-476e-ab28-03edc5a7ec94%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Developer Tel.: +49 (0)40 609 452 077 Fax.: +49 (0)40 609 452 078 TORCH GmbH - A Graylog Company Poolstraße 21 20335 Hamburg Germany https://www.graylog.com <https://www.torch.sh/> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 Geschäftsführer: Lennart Koopmann (CEO) -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAMqbBbLpkCdwOrrVmn%2B9htfG%2BJnxgdaJGZKzW%2BjiCMpTHiiCnQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
