[graylog2] graylog collector sidecar and winlogbeat language issue

2017-02-20 Thread Daniel Kamiński
Hi, I'm collecting logs from Windows Server 2012 R2 using graylog collector sidecar with winlogbeat, and I have issues with logs language. The system was installed as Polish (my language) but later we changed language to English, now everything is in English except messages sent by winlogbeat

Re: [graylog2] Graylog Collector Sidecar Analysis

2016-12-02 Thread Marvin Popyk
Thanks Marius, that seemed to do the trick. On Wednesday, November 30, 2016 at 4:34:10 AM UTC-5, Marius Sturm wrote: > > Hi Marvin, > the tags are used to define which configuration should be applied to a > host. So it's up to you to add the tag to the collector_sidecar.yml > file. Afterwards

Re: [graylog2] Graylog Collector Sidecar Analysis

2016-11-30 Thread Marius Sturm
Hi Marvin, the tags are used to define which configuration should be applied to a host. So it's up to you to add the tag to the collector_sidecar.yml file. Afterwards it should detect the change in the web interface. If you want to distinguish between the two inputs at search time you can use the

[graylog2] Graylog Collector Sidecar Analysis

2016-11-29 Thread Marvin Popyk
Hello, We are testing graylog to see if it fits our needs for a centralized logging system. We've installed and setup graylog and we wanted to be able to import specific log files to graylog. We read that graylog collector sidecar is an option. We have setup a new beats input and tested an

[graylog2] graylog-collector-sidecar on RHEL 5.6 Segmentation fault

2016-11-20 Thread tommy yang
Hi everyone, I try to add collector-sidecar as a system service on RHEL 5.4 and 5.6. It works on RHEL 5.4, but failed on RHEL 5.6. The error message is "Segmentation fault" kernel: graylog-collect[25418]: segfault at rip 7fff3c8e8767 rsp 7fff3c8216e0 error 4 Any

Re: [graylog2] graylog-collector-sidecar issue

2016-07-25 Thread Marius Sturm
Don't forget to set the 'apache' tag on the top of the page and press 'Update tags' On 25 July 2016 at 17:15, Marius Sturm wrote: > The defaults are pretty fine for a first test. Create a NXLog Gelf output > with the IP and port of your Graylog's Gelf Input (typically

Re: [graylog2] graylog-collector-sidecar issue

2016-07-25 Thread Marius Sturm
The defaults are pretty fine for a first test. Create a NXLog Gelf output with the IP and port of your Graylog's Gelf Input (typically Graylog's server IP and port 12201). Then create a NXLog file input and connect it with the output from above by setting the 'Forward to' drop-down. Set the right

Re: [graylog2] graylog-collector-sidecar issue

2016-07-25 Thread Marius Sturm
Hi Tony, you have to create a configuration for the sidecar first. Go to 'Manage configurations' on the collectors page and set up the needed inputs and outputs of your nxlog instance. Cheers, Marius On 25 July 2016 at 15:56, Tony wrote: > Hello everybody, > I would like

[graylog2] graylog-collector-sidecar issue

2016-07-25 Thread Tony
Hello everybody, I would like to send my apache2 log files from a remote server to graylog server. Actually I am using graylog-collector-sidecar on Debian 7 and my configuration files are: collectoe_sidecar.yaml--- erver_url: http://10.5.10.242:12900 node_id:

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-08 Thread Kev Johnson
Wireshark on the test server shows no packets being sent other than the TCP12900 poll too, so we can be reasonably happy that there's nothing on the network eating them. Config file has updated based on the snippet that I've added, but it's almost as if the nxlog process is running without a

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-08 Thread Kev Johnson
Ok - so I've built a clean Windows Server 2012 R2, disabled the firewall and run through the same process with the same result - the only traffic back to the Graylog server is the tcp 12900 poll from the collector - I've tried logging out/in and rebooting the server which all *should* generate

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-08 Thread Kev Johnson
Thanks Marius - I'll give that a go today. Thanks for sense checking my config and confirming I've not done anything silly! On Thursday, 7 July 2016 22:30:29 UTC+1, Marius Sturm wrote: > > Yeah, sounds possible to me. All configurations look correct. So some > Windows firewall might be the root

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Marius Sturm
Yeah, sounds possible to me. All configurations look correct. So some Windows firewall might be the root cause. Maybe you can try with a test host with all firewalls disabled. On 7 July 2016 at 20:38, Kev Johnson wrote: > >

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Kev Johnson
Does this help? Given that we're getting nothing but the Sidecar checking traffic back from the servers I'm still leaning toward

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Marius Sturm
The generated config looks fine, maybe a screenshot of the Graylog input puts some light on this? On 7 July 2016 at 19:50, Kev Johnson wrote: > Thanks Marius - I've double checked the input port (and that it's > running!), but even if it were a mismatch I'd expect

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Kev Johnson
Thanks Marius - I've double checked the input port (and that it's running!), but even if it were a mismatch I'd expect tcpdump to show the packets hitting the interface. I suspect that this has to be down to the generated config, so I'm pasting the contents of one of the servers' configs below

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Marius Sturm
Hi, you could check if the Gelf port on the Graylog side is exactly the same as on the Nxlog sender side, usually 12201. Go to System->Inputs (the input should have a green badge 'running') verify the port number with the one you configured for nxlog in the collector configuration. Another thing,

[graylog2] Graylog Collector Sidecar - no logs being shipped

2016-07-07 Thread Kev Johnson
Firstly: I love the idea of being able to push out updated configuration files to my collectors. That said: I'm having issues getting logs to my Graylog box (deployed from the OVA) Steps taken so far are as follows - Installed NXlogCE - Uninstalled the NXlog service - Installed the

[graylog2] graylog-collector-sidecar

2016-06-07 Thread 'Joshua Humpich' via Graylog Users
Hi folks, I'm trying to get these collector-sidecar running on my linux. Did the installation of nxlog and the collector-sidecar.rpm file. My graylog server is running on another machine. First of all the error message when running the collector-sidecar binary with the conf file