Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-08 Thread Kev Johnson
Wireshark on the test server shows no packets being sent other than the TCP12900 poll too, so we can be reasonably happy that there's nothing on the network eating them. Config file has updated based on the snippet that I've added, but it's almost as if the nxlog process is running without a

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-08 Thread Kev Johnson
Ok - so I've built a clean Windows Server 2012 R2, disabled the firewall and run through the same process with the same result - the only traffic back to the Graylog server is the tcp 12900 poll from the collector - I've tried logging out/in and rebooting the server which all *should* generate

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-08 Thread Kev Johnson
Thanks Marius - I'll give that a go today. Thanks for sense checking my config and confirming I've not done anything silly!
On Thursday, 7 July 2016 22:30:29 UTC+1, Marius Sturm wrote:
>
> Yeah, sounds possible to me. All configurations look correct. So some
> Windows firewall might be the root

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Marius Sturm
Yeah, sounds possible to me. All configurations look correct. So some Windows firewall might be the root cause. Maybe you can try with a test host with all firewalls disabled.
On 7 July 2016 at 20:38, Kev Johnson wrote:
>
>

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Kev Johnson
Does this help? Given that we're getting nothing but the Sidecar checking traffic back from the servers I'm still leaning toward

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Marius Sturm
The generated config looks fine, maybe a screenshot of the Graylog input puts some light on this?
On 7 July 2016 at 19:50, Kev Johnson wrote:
> Thanks Marius - I've double checked the input port (and that it's
> running!), but even if it were a mismatch I'd expect

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Kev Johnson
Thanks Marius - I've double checked the input port (and that it's running!), but even if it were a mismatch I'd expect tcpdump to show the packets hitting the interface. I suspect that this has to be down to the generated config, so I'm pasting the contents of one of the servers' configs below

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Marius Sturm
Hi, you could check if the Gelf port on the Graylog side is exactly the same as on the Nxlog sender side, usually 12201. Go to System->Inputs (the input should have a green badge 'running') verify the port number with the one you configured for nxlog in the collector configuration. Another thing,

[graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Kev Johnson
Firstly: I love the idea of being able to push out updated configuration files to my collectors. That said: I'm having issues getting logs to my Graylog box (deployed from the OVA).
Steps taken so far are as follows:
- Installed NXlogCE
- Uninstalled the NXlog service
- Installed the