The defaults are pretty fine for a first test. Create a NXLog Gelf output with the IP and port of your Graylog's Gelf Input (typically Graylog's server IP and port 12201). Then create a NXLog file input and connect it with the output from above by setting the 'Forward to' drop-down. Set the right path to the Apache log file. That should be it.
Marius On 25 July 2016 at 17:09, Tony <[email protected]> wrote: > Thank you Marius, as I am very newbie on the system can you please, write > me the correct GUI entries to configure it? > Thanks a lot > > Tony > > 2016-07-25 15:46 GMT+01:00 Marius Sturm <[email protected]>: > >> Hi Tony, >> you have to create a configuration for the sidecar first. Go to 'Manage >> configurations' on the collectors page and set up the needed inputs and >> outputs of your nxlog instance. >> >> Cheers, >> Marius >> >> >> On 25 July 2016 at 15:56, Tony <[email protected]> wrote: >> >>> Hello everybody, >>> I would like to send my apache2 log files from a remote server to >>> graylog server. Actually I using graylog-collector-sidecar on Debian 7 and >>> my configuration files are: >>> >>> --------collectoe_sidecar.yaml--------------- >>> erver_url: http://10.5.10.242:12900 >>> node_id: graylog-collector-sidecar-nagios >>> collector_id: file:/etc/graylog/collector-sidecar/collector-id >>> log_rotation_time: 86400 >>> log_max_age: 86400 >>> tags: apache >>> update_interval: 10 >>> log_path: /var/log/graylog/collector-sidecar >>> backends: >>> - name: nxlog >>> enabled: true >>> binary_path: /usr/bin/nxlog >>> configuration_path: >>> /etc/graylog/collector-sidecar/generated/nxlog.conf >>> ---------------------------------------------------- >>> -----------nxlog.conf--------------------------- >>> User nxlog >>> Group nxlog >>> Moduledir /usr/lib/nxlog/modules >>> CacheDir /var/spool/collector-sidecar/nxlog >>> PidFile /var/run/graylog/collector-sidecar/nxlog.pid >>> define LOGFILE /var/log/graylog/collector-sidecar/nxlog.log >>> LogFile %LOGFILE% >>> LogLevel INFO >>> >>> <Extension logrotate> >>> Module xm_fileop >>> <Schedule> >>> When @daily >>> Exec file_cycle('%LOGFILE%', 7); >>> </Schedule> >>> </Extension> >>> --------------------------------------------------- >>> This is the tree output >>> /etc/graylog/collector-sidecar$ tree >>> . >>> ├── collector-id >>> ├── collector_sidecar.yml >>> └── generated >>> └── nxlog.conf >>> >>> So now when I try to do graylog-collector-sidecar -c >>> /etc/graylog/collector-sidecar/collector_sidecar.yml >>> I got this >>> INFO[0000] Using collector-id: e3d0fefc-f8fd-4f4e-becd-894d7f813532 >>> INFO[0000] Fetching configurations tagged by: [apache] >>> INFO[0000] Starting collector supervisor >>> INFO[0000] [nxlog] Starting >>> INFO[0010] [RequestConfiguration] No configuration found for configured >>> tags! >>> INFO[0020] [RequestConfiguration] No configuration found for configured >>> tags! >>> INFO[0030] [RequestConfiguration] No configuration found for configured >>> tags! >>> >>> But I see the instance in collectors in graylog server. >>> >>> Any idea how to fix it? >>> >>> Thanks in advance >>> >>> Tony >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Graylog Users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/graylog2/27703308-3fe9-4a3f-8576-d54b70e2beaf%40googlegroups.com >>> <https://groups.google.com/d/msgid/graylog2/27703308-3fe9-4a3f-8576-d54b70e2beaf%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> >> >> -- >> Developer >> >> Tel.: +49 (0)40 609 452 077 >> Fax.: +49 (0)40 609 452 078 >> >> TORCH GmbH - A Graylog Company >> Poolstraße 21 >> 20335 Hamburg >> Germany >> >> https://www.graylog.com <https://www.torch.sh/> >> >> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 >> Geschäftsführer: Lennart Koopmann (CEO) >> >> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "Graylog Users" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/graylog2/ZGYlNd2IrO8/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/CAMqbBb%2Bc3NvQ0ZKa%2BFJhQJp9tSopmq0E0MGpJsS4n%3D51wRKM6Q%40mail.gmail.com >> <https://groups.google.com/d/msgid/graylog2/CAMqbBb%2Bc3NvQ0ZKa%2BFJhQJp9tSopmq0E0MGpJsS4n%3D51wRKM6Q%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> >> For more options, visit https://groups.google.com/d/optout. >> > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/CACjATf_SdoRUMSK07Vgvk7dPYszoVtGixgy_zC-weAmL938tDA%40mail.gmail.com > <https://groups.google.com/d/msgid/graylog2/CACjATf_SdoRUMSK07Vgvk7dPYszoVtGixgy_zC-weAmL938tDA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Developer Tel.: +49 (0)40 609 452 077 Fax.: +49 (0)40 609 452 078 TORCH GmbH - A Graylog Company Poolstraße 21 20335 Hamburg Germany https://www.graylog.com <https://www.torch.sh/> Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 Geschäftsführer: Lennart Koopmann (CEO) -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAMqbBbKfUC%2BOptEvmqz_mtrNRPrnA7e%2BBKqDFQ7K9QgEOUiZtg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
