[graylog2] Re: Extractor help

[Aykisn]

.+ (http://[^/]+)/ shoud work.

On Monday, August 15, 2016 at 10:46:47 PM UTC+4, Rafael Pereira Silva wrote:
>
> Hello, 
>
> Trying create a extractor an log bellow.
>
>
>
> need only extract the URL of this message:
>
>
> *1471285696.626  60020 10.110.103.9 TCP_MISS/200 593 POST 
> http://bioxxi.dasa.com.br/java-j2eedispatch/wa/sua/b927ea91c134227112782c98820a7145/1/72
>  
> 
>  - FIRST_UP_PARENT/bioxxiweb application/javascript*
> staying: 
> *http://bioxxi.dasa.com.br *
>
>
>
> someone could help me set up?
>
>
>
>
>
>
> I thank the attention.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/42723e66-7944-4a55-8bc3-922b1b9cd333%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Graylog collector (depricated) for graylog 2.0 connecting issues

[sam]

Hi All,

I installed graylog collector 0.5.0 version in client machine to send logs 
to my graylog server (2.0) version. When I start collector I see below 
errors. CAn anyone let me know where am I going wrong please.. !


2016-08-16T00:51:04.579-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: BufferProcessor [RUNNING]
2016-08-16T00:51:04.579-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: FileObserver [RUNNING]
2016-08-16T00:51:04.579-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: MemoryReporterService [RUNNING]
2016-08-16T00:51:04.579-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: MetricService [RUNNING]
2016-08-16T00:51:04.580-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: StdoutOutput{inputs='', id='console'}
2016-08-16T00:51:04.580-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: HeartbeatService [RUNNING]
2016-08-16T00:51:04.581-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: GelfOutput{client-send-buffer-size='-1', port='12201', inputs='', 
host='162.20.100.27', client-reconnect-delay='1000', 
client-tcp-no-delay='true', id='graylog-server', client-queue-size='512', 
client-connect-timeout='5000'}
2016-08-16T00:51:04.582-0400 INFO  [main] cli.commands.Run - Service 
RUNNING: FileInput{outputs='', content-splitter='NEWLINE', charset='UTF-8', 
message-fields='MessageFields{}', reader-buffer-size='102400', 
reader-interval='100', id='syslog', 
path-set='SinglePathSet{path=/var/log/jenkins/jenkins.log}'}
2016-08-16T00:51:09.557-0400 ERROR [gelfTcpTransport-1-1] 
gelfclient.transport.GelfTcpTransport - Connection failed: connection timed 
out: /162.20.100.27:12201
2016-08-16T00:51:15.562-0400 ERROR [gelfTcpTransport-1-1] 
gelfclient.transport.GelfTcpTransport - Connection failed: connection timed 
out: /162.20.100.27:12201
2016-08-16T00:51:19.310-0400 WARN  [HeartbeatService RUNNING] 
collector.heartbeat.HeartbeatService - Unable to send heartbeat to Graylog 
server: SocketTimeoutException: connect timed out
2016-08-16T00:51:21.568-0400 ERROR [gelfTcpTransport-1-1] 
gelfclient.transport.GelfTcpTransport - Connection failed: connection timed 
out: /162.20.100.27:12201


My collector.conf file: 

server-url = "http://162.20.100.27:12900/;

collector-id = "file:/etc/graylog/collector/collector-id"

inputs {
  syslog {
type = "file"
path = "/var/log/jenkins/jenkins.log"
  }
}

outputs {
  graylog-server {
type = "gelf"
host = "162.20.100.27"
port = 12201
  }

// Prints all messages to STDOUT. Useful for debugging. Do not enable in 
production usage!
   console {
  type = "stdout"
}
}
~


Graylog server GELF TCP :



   - bind_address:
   0.0.0.0
   - max_message_size:
   2097152
   - override_source:
   **
   - port:
   12201
   - recv_buffer_size:
   1048576
   - tcp_keepalive:
   false
   - tls_cert_file:
   **
   - tls_client_auth:
   disabled
   - tls_client_auth_cert_file:
   **
   - tls_enable:
   false
   - tls_key_file:
   admin
   - tls_key_password:
   
   - use_null_delimiter:
   true
   

Thank you 

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/7004b479-236c-4284-b877-5e3c7c3d88f7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: syslog to graylog

[sam]

Hi Jason,


Graylog is installed in linux server. I used rpm package for installation. 
(graylog 2.0) . Can you let me know the possible reasons. 


Firewall on graylog server or client machine?



Thank you 

On Monday, August 15, 2016 at 3:44:35 PM UTC-7, Jason Warnes wrote:
>
> It might be a firewall on your graylog server.  Without knowing what 
> method you used to install the graylog server it's hard to know for sure.
>
>
> On Monday, August 15, 2016 at 12:46:02 AM UTC-6, sam wrote:
>>
>> Hi All,
>>
>> I am trying to send syslog messages into my graylog server. I configured 
>> the ip address in /etc/rsyslog.conf file, I have issues in getting the logs 
>> to my graylog server. 
>>
>>
>> Can anyone of you help me from this please..! 
>>
>> /etc/rsyslog.conf/
>>
>>
>>
>> *.* @graylog.ip.address:5140
>>
>> This settings are configured in client server, 
>>
>>
>> Input configure in graylog server is : 
>> bind address : 0.0.0.0
>> port : 5140 
>>
>>
>>
>> Thank you 
>> Sam 
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/7447055d-cb6e-4ae0-bd7b-9fb4aadad414%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Graylog2 Mapping Multiple Geolocation Fields

[Jason Warnes]

Hi there.  I was wondering if it's possible to add multiple geo-location 
fields to the same Graylog2 map widget?  Right now I have two maps created 
based on firewall logs: one that show what locations we are blocking from 
connecting to our network, and another showing what locations we're 
blocking our users from going to.  It would be nice if I could merge both 
those maps into one with different colours.

Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/4ee6fd51-6333-4f05-8483-96e930446447%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: syslog to graylog

[Jason Warnes]

It might be a firewall on your graylog server.  Without knowing what method 
you used to install the graylog server it's hard to know for sure.


On Monday, August 15, 2016 at 12:46:02 AM UTC-6, sam wrote:
>
> Hi All,
>
> I am trying to send syslog messages into my graylog server. I configured 
> the ip address in /etc/rsyslog.conf file, I have issues in getting the logs 
> to my graylog server. 
>
>
> Can anyone of you help me from this please..! 
>
> /etc/rsyslog.conf/
>
>
>
> *.* @graylog.ip.address:5140
>
> This settings are configured in client server, 
>
>
> Input configure in graylog server is : 
> bind address : 0.0.0.0
> port : 5140 
>
>
>
> Thank you 
> Sam 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/c1f23390-0ed9-4bb7-9e95-81962c9b6f78%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Apache Access Log Fields Not Being Separated

[Graham Green]

I have filebeats send my apache access logs to graylog 2
At one point the logs was being separated into separate fields, somewhere 
that stopped working.
My filebeats config looks like this:
### Filebeat Configuration Example #
# /etc/filebeat/filebeat.yml
# Filebeat 
##
filebeat:
  prospectors:
-
  paths:
- /var/log/audit/audit.log
- /var/log/boot.log
- /var/log/cron
- /var/log/dmesg
- /var/log/messages
- /var/log/secure
- /var/log/yum.log
  document_type: syslog
-
  paths:
- /var/log/httpd/*_access_log
  document_type: apache-access

-
  paths:
   - /var/log/httpd/*_error_log
  document_type: apache-error

output:
  logstash:
hosts: ["mygrayloghost:5044"]
index: filebeat

logging:
  level: debug
  to_files: true
  to_syslog: false
  tail_files: true
  close_older: true
  files:
path: /var/log
name: filebeat.log
keepfiles: 2

All logs are sent to the graylog server and are searchable, the problem is 
the Apache logs are not being broken into separate fields.

We have an Extractor configured in Graylog and when we load a message and 
hit "Try it" in the Extractor config page we get an expected result (see 
attached), but we do not see the same when we search, the fields just 
appear in a single message field.



Any clues as to what is going wrong here would be appreciated.


-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/38968bb9-87a4-47f1-998a-a8bc1aa9d8a3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Graylog rest api not positioning widgets on dashboard

[Alex Stanek]

Hello,
I am currently trying to position dashboard widgets using Graylog 2.0 rest 
api with no such luck on the positions being applied to the UI dashboard. 
The positions of the widgets are changed inside the rest api if i use the 
get /dashboards/{dashboardId} 
 to verify 
the widgets positions that i put using /dashboards/{dashboardId}/positions. 
And the put comes back with a 204 status code displaying that it is a valid 
put. But once i look at my Graylog UI dashboard the widgets have no 
semblance to the positions the are in the rest api and the rest api will 
not update until i change the positions inside of the UI dashboard.
best regards,
Alex

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/7b3ec2cf-9dbf-45bb-bb3e-a85562265790%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Question about sending ALL windows event log data

[Jamie P]

Also wanted to point out you need to make sure your gpos are set to log the 
events and that they are logging successes and failures.

On Monday, August 15, 2016 at 10:31:22 AM UTC-4, Jordan Grondin wrote:
>
> Hello Jamie,
>
> Have you managed to see all the logs of your domain controller?
>
> I faced the same problem.
>
> Regards,
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/35b83602-5e2e-4a3d-bf5b-670ae4bc37a1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Question about sending ALL windows event log data

[Jamie P]

I will take a look.  That is good to know Linwood, and I appreciate the 
response.


Jordan,  I am not able to see all the logs yet.  I'm getting quite a bit, 
but I'm not getting events relating to groups (additions, modifications, 
and deletions) and some other stuff.  If you managed to fix yours let me 
know what you did to fix it, I'm curious.  

Also as an FYI, I posted this conf file on nxlog's forum and they stated 
that it should pick up all logs and send to graylog (i.e. no 
errors/misconfigured).

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/628b2122-f44e-489d-8ceb-b041b61ef1cc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Extractor help

[Rafael Pereira Silva]

Hello, 

Trying create a extractor an log bellow.



need only extract the URL of this message:


*1471285696.626  60020 10.110.103.9 TCP_MISS/200 593 POST 
http://bioxxi.dasa.com.br/java-j2eedispatch/wa/sua/b927ea91c134227112782c98820a7145/1/72
 - FIRST_UP_PARENT/bioxxiweb application/javascript*
staying: 
*http://bioxxi.dasa.com.br*



someone could help me set up?






I thank the attention.


-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/9f77f0c5-95f8-4a8d-9b8f-24d90518e8fe%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Issue with API port when using 2 network interfaces

[Fred Blaise]

Hmm, this does not work properly in the end.

On Monday, August 15, 2016 at 6:24:19 PM UTC+2, Fred Blaise wrote:
>
> As a workaround, in a screen session, I am redirecting with netcat, such 
> as:
>
> while true; do nc -l 192.168.x.y 12900 | nc 213.244.x.y 12900; done
>
> Does the job, but well.
>
> Thanks,
> fred
>
> On Monday, August 15, 2016 at 6:09:43 PM UTC+2, Fred Blaise wrote:
>>
>> Hello,
>>
>> I am using the openstack 2.0.3 qcow2 image on a single instance. I am 
>> having issues when specifying the rest_listen_uri to http://0.0.0.0:12900
>> .
>> I need to have the API port available for both the web UI and 
>> graylog-sidecar clients, which are on 2 different networks.
>>
>> The graylog server instance has 2 interfaces system bound: the public 
>> one, and a private one (192.168.x.y).
>>
>> The other instances of that tenant have an interface for the private 
>> network (and possibly a floating IP, thus not bound at system level). 
>> That's the interface they use when they send logs to graylog, especially 
>> with graylog-sidecar which requires port 12900.
>>
>> The Web UI is accessed via the public IP. So I need to have port 12900 
>> available there as well.
>>
>> Despite the network socket well listening on 0.0.0.0:12900, the Web UI 
>> is no longer loading, because it tries to reach port 12900 on the internal 
>> interface at http://192.168.x.y:12900.
>>
>> Is this a bug? If not, what do you advise?
>>
>> Thank you.
>> Best,
>> fred
>>
>>
>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/63b9d622-42fb-4ace-b5b1-0d1f621c0d5f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Issue with API port when using 2 network interfaces

[Fred Blaise]

As a workaround, in a screen session, I am redirecting with netcat, such as:

while true; do nc -l 192.168.x.y 12900 | nc 213.244.x.y 12900; done

Does the job, but well.

Thanks,
fred

On Monday, August 15, 2016 at 6:09:43 PM UTC+2, Fred Blaise wrote:
>
> Hello,
>
> I am using the openstack 2.0.3 qcow2 image on a single instance. I am 
> having issues when specifying the rest_listen_uri to http://0.0.0.0:12900.
> I need to have the API port available for both the web UI and 
> graylog-sidecar clients, which are on 2 different networks.
>
> The graylog server instance has 2 interfaces system bound: the public one, 
> and a private one (192.168.x.y).
>
> The other instances of that tenant have an interface for the private 
> network (and possibly a floating IP, thus not bound at system level). 
> That's the interface they use when they send logs to graylog, especially 
> with graylog-sidecar which requires port 12900.
>
> The Web UI is accessed via the public IP. So I need to have port 12900 
> available there as well.
>
> Despite the network socket well listening on 0.0.0.0:12900, the Web UI is 
> no longer loading, because it tries to reach port 12900 on the internal 
> interface at http://192.168.x.y:12900.
>
> Is this a bug? If not, what do you advise?
>
> Thank you.
> Best,
> fred
>
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/0aaa2ab4-5c80-4929-9acf-eb0e59a84450%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Issue with API port when using 2 network interfaces

[Fred Blaise]

Hello,

I am using the openstack 2.0.3 qcow2 image on a single instance. I am 
having issues when specifying the rest_listen_uri to http://0.0.0.0:12900.
I need to have the API port available for both the web UI and 
graylog-sidecar clients, which are on 2 different networks.

The graylog server instance has 2 interfaces system bound: the public one, 
and a private one (192.168.x.y).

The other instances of that tenant have an interface for the private 
network (and possibly a floating IP, thus not bound at system level). 
That's the interface they use when they send logs to graylog, especially 
with graylog-sidecar which requires port 12900.

The Web UI is accessed via the public IP. So I need to have port 12900 
available there as well.

Despite the network socket well listening on 0.0.0.0:12900, the Web UI is 
no longer loading, because it tries to reach port 12900 on the internal 
interface at http://192.168.x.y:12900.

Is this a bug? If not, what do you advise?

Thank you.
Best,
fred




-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/9b39fe46-d2e5-431c-8c95-c89dce237b92%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Graylog and switch Alcatel Lucent

[Jordan Grondin]

Hello,

I doesn't see logs of my Alcatel switch to my Graylog.

I have done the following on my swtich: swlog output socket 


Someone has already encountered the problem

Regards 

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/8479829d-b399-4d02-8c7d-a5bfb2332a59%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] Re: Question about sending ALL windows event log data

[Jordan Grondin]

Hello Jamie,

Have you managed to see all the logs of your domain controller?

I faced the same problem.

Regards,

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/0c6b028c-1885-4f23-ac1a-a081935d391f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: Graylog2 sidecar and SSL

[Marius Sturm]

Hi Michael,
this was done here:
https://github.com/Graylog2/graylog-plugin-collector/issues/13
Should be available in Graylog 2.1.0-RC1

Cheers,
Marius


On 12 August 2016 at 13:20, Michael Anthon 
wrote:

> Thanks Marius,
> I've just upgraded to the latest beta and it certainly is looking a lot
> better, it also looks like it might solve another issue I was going to
> raise with the verbatim configurations since we want to do some custom
> processing on inputs to strip sensitive data before it's sent over to
> graylog.
>
> I still do however have an issue getting this to work.  The 3 field for
> the CA, certificate and key files are currently required before you can
> save the output.  I have no need of client certificates and don't have any
> since my goal is just to ensure that the data in transit is encrypted.
>
> I've tried configuring these with just a space, a dot or a double quoted
> empty string but the nxlog config always includes the values which causes
> nxlog to reject the output configuration since the files don't exist.
>
> I have tried shutting down sidecar, removing those 3 lines from the config
> and running nxlog manually and this definitely works, it connects and sends
> messages to graylog.
>
> If those 3 fields could be made optional and not add those entries to the
> generated nxlog.conf then I think this would work perfectly.
>
> Cheers,
> Michael
>
> On Friday, 12 August 2016 01:59:50 UTC+10, Marius Sturm wrote:
>>
>> Ah ja ok, we shipped the SSL feature recently. So you will see it in the
>> next Graylog release or you test the beta version.
>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Graylog Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to graylog2+unsubscr...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/graylog2/2e018723-1fbc-42f9-8f43-097b9d6acee0%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Developer

Tel.: +49 (0)40 609 452 077
Fax.: +49 (0)40 609 452 078

TORCH GmbH - A Graylog Company
Poolstraße 21
20335 Hamburg
Germany

https://www.graylog.com 

Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175
Geschäftsführer: Lennart Koopmann (CEO)

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/CAMqbBb%2BUa01hmK9s4CAEn1xdcz78qGRGnssF4pQWNy5NGrPZiw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [graylog2] Re: Can't Show received messages from NetFlow input

[Arief Hydayat]

Hi everyone,

anyone can help me on these? I tried to put the time range but still
returns me "Nothing found"
As per incoming messages I saw already reach to 4.4GB

[image: Inline image 1]

Is the log path for the Graylog Node is correct? Because I tried to tail -f
the current log file shows nothing. :-(

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/CAHKvR%3DfeCMb5MZM1z1FpJ4AkYVEUgOw-VJrU%3DwtEZUoeRvUmSw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[graylog2] syslog to graylog

[sam]

Hi All,

I am trying to send syslog messages into my graylog server. I configured 
the ip address in /etc/rsyslog.conf file, I have issues in getting the logs 
to my graylog server. 


Can anyone of you help me from this please..! 

/etc/rsyslog.conf/



*.* @graylog.ip.address:5140

This settings are configured in client server, 


Input configure in graylog server is : 
bind address : 0.0.0.0
port : 5140 



Thank you 
Sam 

-- 
You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/graylog2/13edab33-8961-4b81-ac61-db334ba5fdae%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.