I set up a Graylog 2.1.2 server by deploying the downloadable OVA from graylog.org. I'm trying to monitor a Windows 2008 R2 server with the DHCP role installed. The DHCP server deposits activity data into log files at C:\Windows\System32\dhcp\DhcpSrvLog-*.log. I have collector-sidecar and nxlog installed on the Windows machine, and configured to send the log data back to a collector input on the Graylog server.
My configuration is based on the WindowsDHCP content pack available in the Graylog marketplace. I imported the content pack json, configured collector-sidecar on Windows and the Graylog collector starting from the sample code at https://github.com/JulioQc/WinDHCP. Unfortunately, when I do "show messages" for the collector, there's nothing coming in. Has anyone had any success with this configuration? If not, is there a better method for monitoring Windows DHCP activity with Graylog? Thanks! -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/d123b126-1db8-4691-a743-86bfd61bae3f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
