Re: [graylog2] my first syslog input is failing

Hi Jochen, After swittching the receiver to 1514, and a reboot, the server is receiving messages now. However, when I change the user back to "graylog", and restart, after about 1 minute, it crashes with 1000's of errors. Swithing back to root fixes it. I think I should reload the server and

Re: [graylog2] my first syslog input is failing

Hi Jochen, Understand about the security implications. Thank you for pointing out ;) On the receipt issue, yes, I'm sure there is not a network issue, on the graylog server I'm receiving the packet. It's just not showing up in Graylog: [root@server]# tcpdump -nnvvi ens32 port 514 tcpdump:

Re: [graylog2] my first syslog input is failing

On Sunday, 22 January 2017 12:54:20 UTC+1, Jochen Schalanda wrote: > > On Sunday, 22 January 2017 06:19:21 UTC+1, JayJay wrote: >> >> Changed user to root, restarted server, and the input is starting ok now. >> >> > > From a security perspective, that's a very bad idea and I'd recommend to >

Re: [graylog2] my first syslog input is failing

Hi Jason, On Sunday, 22 January 2017 06:19:21 UTC+1, JayJay wrote: > > Changed user to root, restarted server, and the input is starting ok now. > >From a security perspective, that's a very bad idea and I'd recommend to use one of the other mechanisms described in the documentation:

Re: [graylog2] my first syslog input is failing

Hi Jochen, Thanks! Changed user to root, restarted server, and the input is starting ok now. However, when I send test messages to the input, I don't see anything in input/search window. In the log, I see this: 2017-01-22T21:05:47.002+08:00 WARN [NettyTransport] receiveBufferSize (SO_RCVBUF)

Re: [graylog2] my first syslog input is failing

Hi - further, I found another error more helpful on this: An input has failed to start (triggered in 8 hours) Input 58824501d7a3bd5096cf8dc9 has failed to start on node b4803a74-6842-49dd-84b1-bc6a9a7b2504 for this reason: »Permission denied.«. This means that you are unable to receive any

Re: [graylog2] my first syslog input is failing

Hi Richard, - allow_override_date: true - bind_address: 10.10.0.64 < I also tried 0.0.0.0 and 127.0.0.l - expand_structured_data: true - force_rdns: true - override_source: ** - port: 514 - recv_buffer_size: 262144 - store_full_message:

Re: [graylog2] my first syslog input is failing

What port are you trying to use? > On Jan 20, 2017, at 6:15 PM, JayJay wrote: > > Hi, > > I have GrayLog setup on CentOS7. > I tried to setup an UDP Syslog input, and after setup, it eventually says > "failed". I searched the logs, and didn't see much. > > I do

[graylog2] my first syslog input is failing

Hi, I have GrayLog setup on CentOS7. I tried to setup an UDP Syslog input, and after setup, it eventually says "failed". I searched the logs, and didn't see much. I do see "failed" in the main log at org.jboss.netty.channel.Channels.bind(Channels.java:561) ~[graylog.jar:?]