Hi Jochen, Allright, I’ve created https://github.com/Graylog2/collector-sidecar/issues/90 for this bug.
Alex From: [email protected] [mailto:[email protected]] On Behalf Of Jochen Schalanda Sent: 28 October 2016 08:14 To: Graylog Users <[email protected]> Subject: [graylog2] Re: collector-sidecar unable to start winlogbeat Hi Alexander, this seems to be an issue with quoting the parameters for Winlogbeat. Please create a bug report for this at https://github.com/Graylog2/collector-sidecar/issues. Cheers, Jochen On Thursday, 27 October 2016 19:20:43 UTC+2, Alexander Hermes wrote: Hi All, I am having a lot of trouble getting a basic collecotr-sidecar w/ winlogbeat setup to work: Having just installed the graylog virtual appliance, I set about configuring a collector on one of the remote machines I want to monitor. The remote machine is running windows 2012 Server R2 64bit. I successfully installed the graylog-collector sidecar and was able to pull down a very basic winlogbeat configuration, which was promptly placed at generated/winlogbeat.yml. So far, so good. However, when I try to run the sidecar, winlogbeat exits with an error about not being able to find the configuration file: Loading config file error: Failed to read "C:\Program Files\graylog\collector-sidecar\generated\winlogbeat.yml": open "C:\Program Files\graylog\collector-sidecar\generated\winlogbeat.yml": The filename, directory name, or volume label syntax is incorrect.. Exiting. The error message is mistifying as the indicated path *does* exist! Indeed, if I run winlogbeat from the command console as follows, it completes without complaint: C:\Program Files\graylog\collector-sidecar>winlogbeat.exe -c "C:\Program Files\graylog\collector-sidecar\generated\winlogbeat.yml" -configtest Can anyone help me figure out why the sidecar is not able to start winlogbeat successfully? Some more details on my setup are below Thanks, Alex graylog-collector-sidecar release:0.1.0-alpha.2<https://github.com/Graylog2/collector-sidecar/releases/tag/0.1.0-alpha.2> collector-sidecar.yml: server_url: http://devopslogs.datcon.co.uk/api update_interval: 10 tls_skip_verify: false send_status: true list_log_files: node_id: graylog-collector-sidecar collector_id: file:C:\Program Files\graylog\collector-sidecar\collector-id log_path: C:\Program Files\graylog\collector-sidecar log_rotation_time: 86400 log_max_age: 604800 tags: [windows, iis] backends: - name: nxlog enabled: false binary_path: C:\Program Files (x86)\nxlog\nxlog.exe configuration_path: C:\Program Files\graylog\collector-sidecar\generated\nxlog.conf - name: winlogbeat enabled: true binary_path: C:\Program Files\graylog\collector-sidecar\winlogbeat.exe configuration_path: 'C:\Program Files\graylog\collector-sidecar\generated\winlogbeat.yml' - name: filebeat enabled: true binary_path: C:\Program Files\graylog\collector-sidecar\filebeat.exe configuration_path: 'C:\Program Files\graylog\collector-sidecar\generated\filebeat.yml' generated/winlogbeat.yml output: logstash: hosts: - devopslogs:5044 shipper: tags: - windows - iis winlogbeat: event_logs: - name: Application - name: System - name: Security Graylog: v2.1.1+01d50e5 -- You received this message because you are subscribed to a topic in the Google Groups "Graylog Users" group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/graylog2/9Dc4Xbf6WJI/unsubscribe. To unsubscribe from this group and all its topics, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2adfbfc6-0f9f-424d-9347-08b4dd1bd22f%40googlegroups.com<https://groups.google.com/d/msgid/graylog2/2adfbfc6-0f9f-424d-9347-08b4dd1bd22f%40googlegroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CY1PR02MB175538E9222C91E9F2A865DFFCAD0%40CY1PR02MB1755.namprd02.prod.outlook.com. For more options, visit https://groups.google.com/d/optout.
