i'm using an ubuntu virtual machine on vmware workstation where i installed rsyslog and configured the rsyslog.conf file by adding *.* @@ thegraylog ip adress:5555 and i created an input on the graylog web interface (my graylog server is installed on vsphere ) ,i used tcp syslog ,the input is runing but i'm not receiving any messages (nothing in the web interface changed) and i enabled the port 5555 on my firewall ,should i configure the graylog configraation file too ? How about using collectors on a linux machine is that easier ? my wireshark shows the syslog being sent between my machine and my graylog server ;however nothing shows up on my interface ,however i can see on wiresark the source port of message from my ubuntu to graylog is 46054 ,and the destination port is 514 ( eventhough i confgiured my rsyslog.conf with port 1591 and my input too and wireshark shows that prtocol is UDP eventhough i specified tcp in my input ,and added the extra @ for tcp All of this seems very messed up
as for my firewall i followed the instruction on this page https://kb.cyberoam.com/default.asp?id=1709 and nothing shows nowhere ,not even on wireshark - afficher le texte des messages précédents - -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/8022ec71-3a49-497c-96c1-ac3b3a64b372%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
