Hi Jochen, Is there any webinars/tutorials regarding Graylog setup, configuration and accessing. please share if you have any.
On Thursday, December 8, 2016 at 2:59:05 PM UTC-8, Ranga Daggubati wrote: > > > Hi, > I'm very new to this GRAYLOG. > > I have installed Dockerised Graylog by installing Mongodb, > elasticsearch and graylog server docker container images by running the > three commands that given in graylog.org - > http://docs.graylog.org/en/2.1/pages/installation/docker.html > > > ---->Initially tried to - Setup an AWS instance with Apache and collect > the apache logs into Graylog server. > > For this i have launched Syslog UDP input with a port > number and launched an AWS rhel instance and setup the apache. configured > the imfile setup and used the template > *.* @graylog.example.org:514 in rsyslog.conf. So i was > able to see the apache logs in the Graylog server. > > so now questions are -- > > 1. Does Graylog is used to collect only syslogs or any other application > logs? > > 2. I have launched a syslog input in gl-server - the input will have a > port number and binded to its localhost, here we are not mentioning any ip > address of the system from which we want to pull the logs. so now if i want > to check the apache logs of other instance - so now this instance also will > send the logs to same input then both system apache logs will be showing in > the same place and everything looks like MessUp so how can we track them? > > 3. if one input is able to monitor the logs of multiple instances/systems > then when/what will be the requirement to launch a new input? > > 4. Can you differentiate the list of inputs in Graylog? > > 5. To send the logs from client to GRAYLOG server we cofigure > rsyslog.conf with template *.* @graylog.example.org:514 , so if somebody > in our team have done the same configuration that client also will send the > log messages to the graylog server. so it shouldn't be happen. We should > have to maintain secure access (like from the client side if we want to > send the logs we should need some permission or access). Sending of log > also should be secure or else if everybody will be sending logs to that > same port and there will be a mess up, right. So sending of logs should be > secure - how can we secure the sending logs? > > > Thanks & Regards > Ranga Daggubati > > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/7aa10bd3-2e90-4194-8a94-ccc476c36a7b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
