[graylog2] graylog collector sidecar and winloigbeat language issue

Hi I'm collecting logs from Windows Serwer 2012 R2 using graylog collector sidecar with winlogbeat, and I have issues with logs language. The system was installed as Polish (my language) but later we changed language to English, now everything is in English except messages sent by winlogbeat

Re: [graylog2] Graylog Collector Sidecar Analysis

Thanks Marius, that seemed to do that trick. On Wednesday, November 30, 2016 at 4:34:10 AM UTC-5, Marius Sturm wrote: > > Hi Marvin, > the tags are used to define which configuration should be applied to a > host. So it's up to you to add the tag to the collector_sidecar.yml > file. Afterwards

Re: [graylog2] Graylog Collector Sidecar Analysis

Hi Marvin, the tags are used to define which configuration should be applied to a host. So it's up to you to add the tag to the collector_sidecar.yml file. Afterwards it should detect the change in the web interface. If you want to distinguish between the two inputs at search time you can use the

[graylog2] Graylog Collector Sidecar Analysis

Hello, We are testing graylog to see if it fits our needs for a centralized logging system. We've installed and setup graylog and we wanted to be able to import specific log files to graylog. We read that graylog collector sidecar is an option. We have setup a new beats input and tested an

[graylog2] graylog-collector-sidecar on RHEL 5.6 Segmentation fault

Hi everyone, I try to add collector-sidecar as a system service on RHEL 5.4 and 5.6. It works on RHEL 5.4, but failed on RHEL 5.6. The error message is "Segmentation fault" kernel: graylog-collect[25418]: segfault at rip 7fff3c8e8767 rsp 7fff3c8216e0 error 4 Any

[graylog2] Graylog collector (depricated) for graylog 2.0 connecting issues

Hi All, I installed graylog collector 0.5.0 version in client machine to send logs to my graylog server (2.0) version. When I start collector I see below errors. CAn anyone let me know where am I going wrong please.. ! 2016-08-16T00:51:04.579-0400 INFO [main] cli.commands.Run - Service

[graylog2] Graylog collector for linux x86_64 - graylog 2.0

Hi All, Can you let me know where can i find the collector for linux redhat graylog2.0 version? Thank you -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email

Re: [graylog2] graylog-collector-sidecar issue

Dont forget to set the 'apache' tag on the top of the page and press 'Update tags' On 25 July 2016 at 17:15, Marius Sturm wrote: > The defaults are pretty fine for a first test. Create a NXLog Gelf output > with the IP and port of your Graylog's Gelf Input (typically

Re: [graylog2] graylog-collector-sidecar issue

The defaults are pretty fine for a first test. Create a NXLog Gelf output with the IP and port of your Graylog's Gelf Input (typically Graylog's server IP and port 12201). Then create a NXLog file input and connect it with the output from above by setting the 'Forward to' drop-down. Set the right

Re: [graylog2] graylog-collector-sidecar issue

Hi Tony, you have to create a configuration for the sidecar first. Go to 'Manage configurations' on the collectors page and set up the needed inputs and outputs of your nxlog instance. Cheers, Marius On 25 July 2016 at 15:56, Tony wrote: > Hello everybody, > I would like

[graylog2] graylog-collector-sidecar issue

Hello everybody, I would like to send my apache2 log files from a remote server to graylog server. Actually I using graylog-collector-sidecar on Debian 7 and my configuration files are: collectoe_sidecar.yaml--- erver_url: http://10.5.10.242:12900 node_id:

[graylog2] graylog-collector not working on ubuntu 14.04.4

I have installed the graylog on one server and start with the hello world kind of thing. But still server is not starting. This is what i used. server-url = "http://10.240.0.4:12900/; inputs { syslog { type = "file" path = "/var/log/syslog" } } outputs { graylog-server {

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

Wireshark on the test server shows no packets being sent other than the TCP12900 poll too, so we can be reasonably happy that there's nothing on the network eating them. Config file has updated based on the snippet that I've added, but it's almost as if the nxlog process is running without a

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

Ok - so I've built a clean Windows Server 2012 R2, disabled the firewall and run through the same process with the same result - the only traffic back to the Graylog server is the tcp 12900 poll from the collector - I've tried logging out/in and rebooting the server which all *should* generate

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

Thanks Marius - I'll give that a go today. Thanks for sense checking my config and confirming I've not done anything silly! On Thursday, 7 July 2016 22:30:29 UTC+1, Marius Sturm wrote: > > Yeah, sounds possible to me. All configurations look correct. So some > Windows firewall might be the root

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

Yeah, sounds possible to me. All configurations look correct. So some Windows firewall might be the root cause. Maybe you can try with a test host with all firewalls disabled. On 7 July 2016 at 20:38, Kev Johnson wrote: > >

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

Does this help? Given that we're getting nothing but the Sidecar checking traffic back from the servers I'm still leaning toward

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

The generated config looks fine, maybe a screenshot of the Graylog input puts some light on this? On 7 July 2016 at 19:50, Kev Johnson wrote: > Thanks Marius - I've double checked the input port (and that it's > running!), but even if it were a mismatch I'd expect

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

Thanks Marius - I've double checked the input port (and that it's running!), but even if it were a mismatch I'd expect tcpdump to show the packets hitting the interface. I suspect that this has to be down to the generated config, so I'm pasting the contents of one of the servers' configs below

Re: [graylog2] Graylog Collector Sidecar - no logs being shipped

Hi, you could check if the Gelf port on the Graylog side is exactly the same as on the Nxlog sender side, usually 12201. Go to System->Inputs (the input should have a green badge 'running') verify the port number with the one you configured for nxlog in the collector configuration. Another thing,

[graylog2] Graylog Collector Sidecar - no logs being shipped

Firstly: I love the idea of being able to push out updated configuration files to my collectors. That said: I'm having issues getting logs to my Graylog box (deployed from the OVA) Steps taken so far are as follows - Installed NXlogCE - Uninstalled the NXlog service - Installed the

[graylog2] graylog-collector-sidecar

Hi folks, I'm trying to get these collector-sidecar running on my linux. Did the installation of nxlog and the collector-sidecar.rpm file. My graylog server is running on another machine. First of all the error message when runnning the collector-sidecar binary with the conf file

[graylog2] GRAYLOG collector centos rpm packages

Hi , Do we have GRAYLOG collector that we install on agent machine, any rpm packages for REDHAT 6.0 ?? When I install it manually like unzip, when I run the collector it pop out with logs in between.. Thank you Sikandar -- You received this message because you are subscribed to the

[graylog2] graylog collector and cpu load

Hello community, I just wonder , if the service stops graylog-server or elasticsearch . Does it make load in the log source? have a nice day. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving

[graylog2] Graylog collector

Check out the collector documentation page here http://docs.graylog.org/en/1.3/pages/collector.html You can define what log files to ship to graylog in the collector configuration file. Configuring steam rules is done via the gray log web interface. Hope that helps. -- You received this

[graylog2] Graylog collector

HI all, I have some queries regarding graylog; Do we need root access to install graylog-collector in agent machine? 1) How can we handle different log names in graylog ? 2) Can I able to stream particular error messages into streaming CAn you please do reply me .. !! Thank you

Re: [graylog2] graylog-collector on AIX stops sending logs suddenly with no errors?

What size are the logs files? Do they stop running when they reach a certain size, or when the collector has transferred a certain amount of data? I'm wondering about bugs in the java from using INTs or something too small to handle the size of the files, 2G or 4G numbers come to mind. Do small

[graylog2] Graylog Collector: 'Unable to send heartbeat...'

Hi Folks, Running latest graylog beta on Centos 6.7. I have graylog-collector-0.4.2 running on a separate Centos 6.7 server. My collector is not appearing in System/Collectors in the UI and throws the following warnings: 2016-04-06T15:48:42.962+ WARN [HeartbeatService RUNNING]

[graylog2] graylog collector not working as a service, but fine in cmd

Dear All, I recently setup a graylog2 server on ubuntu 14.04 I am testing the graylog collector and have it working, and sending logs to the graylog server when running it from command line: graylog-collector.bat run -f collector.conf I can see the message in the stout in the cmd prompt,

[graylog2] graylog collector 0.4.2 Exception in thread "ChunkProcessor" java.lang.IndexOutOfBoundsException

Hi, When we use graylog collector 0.4.2 on Red Hat Enterprise 6.4, we sometimes meet exception in thread "ChunkProcessor" as below , then graylog collector can't send log to server util we restart collector.Because of this problem we can not collect complete log.Would we pass this exception to

[graylog2] GrayLog collector

Can we collect the weblogic logs and fwd to graylog server with pout installing Graylog collector on the client machine? -- DISCLAIMER: This message, including any attachments, contains confidential information intended for a specific individual and purpose, and is protected by law. If you

[graylog2] Graylog Collector Failed to Start

This is my server and the message I get when trying to start or run the Graylog Collector. Linux lamp 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt20-1+deb8u3 (2016-01-17) x86_64 Welcome to Lamp, TurnKey GNU/Linux 14.0 / Debian 8.3 Jessie System information (as of Wed Feb 24 15:43:39 2016)

[graylog2] graylog collector not giving right format data for tomcat

Hi I am not getting right format data for tomcat in graylog console through graylog collector attached snapshot shows you the format i am getting in graylog console. please help thanks amit sharma -- You received this message because you are subscribed to the Google Groups "Graylog

[graylog2] Graylog Collector Configuration Settings

Hi all, I have configured a graylog collector with the following settings: server-url = "http://xxx.xxx.xxx.xxx:12900/; collector-id = /etc/graylog/collector/collector-id inputs { syslog { type = "file" path = "/var/log/syslog" } apache-logs { type = "file" //

[graylog2] Graylog collector and timestamp

Hello, using graylog 1.2.2 and collector 0.4.1, there is a big difference between graylog timestamp and log file timestamp. A line in a logfile with a 17:11:34,887 timestamp can have a 17:11:53.328 timestamp in graylog, which is a 20 seconds difference ! I'm currently testing collector to

[graylog2] Graylog collector cannot parse Security log

Hi everybody. I'm trying graylog collector with my Win8 PC. I cant collect security event logs. I tried the same with my Win2008 server and same results. Any idea about that ? Thank you in advance. --- 2015-10-06 23:26:00 Commons Daemon procrun stdout initialized

[graylog2] Graylog Collector Not working

Hello , I have already configured the graylog latest version 1.1.2 with the help of virtual machine provided on graylog site. One server is running graylog server, mongodb and elasticsearch, 2nd one is running elasticsearch, 3rd one is running graylogweb interface. Now I want to add a ubuntu

[graylog2] Graylog collector and iis logs

Hi friends We are trying to get iis logs by graylog collector. We have this config iis-access { type = file path = E:\\Logs IIS\\W3SVC1\\?.log poll-interval = 5s } Iis log name changes each day hour, the real format of the log is u_exDDMMHH.log If we test it

Re: [graylog2] Graylog collector and iis logs

Alberto, the Collector does not support wildcards in log file names yet, sorry. This will be implemented very soon. See the corresponding issue in GitHub for this. https://github.com/Graylog2/collector/issues/24 Regards, Bernd Alberto Hontoria [Thu, Jun 18, 2015 at 11:29:13AM -0700]