I have port 12201 UDP, that I setup on our server A; logs are sent there directly from an application via NLOG and GELF. On this same server, I have sidecar-collector sending over Windows Event Logs to port 12204. All my sidecar-collectors are managed my configurations on the Graylog Server and all collectors show green and working. When I look at the messages for the 12201 input, I am seeing Windows Event Logs from an entirely different server. I've stopped the sidecar on that second server and messages are still coming in. I've went through all my configurations and I do not see anything else pointing anything to 12201.
Any ideas on how I can track this down? -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/c2c05f9e-5a03-4cb8-9790-e22f82503220%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
