Hi Has anyone managed to get the syslogd utility in 'sysklogd' to send RFC 5424 compliant syslog messages to Graylog? We use this package for syslog output in Oracle Linux x86_64
I have tried both of the following in /etc/syslog.conf and whilst it doesn't error when syslogd is restarted, no syslog messages are received by Graylog: $template GRAYLOGRFC5424,"<%PRI%>%PROTOCOL-VERSION% %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\n" *.* @my.server.org:514;GRAYLOGRFC5424 or *.* @my.server.org:514;RSYSLOG_SyslogProtocol23Format The only configuration I can get to work is a simple UDP syslog config: *.* @my.server.org Thanks for your help Richard M -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/6dcc8660-ed22-43c6-8499-0a2eae12b35c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
