[graylog2] Forward an Existing Log file to Graylog ( Syslog Server ==> graylog )

2016-10-18 Thread Benbrahim Anass
Hi everyone, I have a question, well, I have a syslog server already configured, I'm wondering if it is possible to forward the existing log file on the server toward the Graylog server. Thanks

[graylog2] Re: Forward an Existing Log file to Graylog ( Syslog Server ==> graylog )

2016-10-19 Thread Benbrahim Anass
On Wednesday, 19 October 2016 08:54:36 UTC+2, Benbrahim Anass wrote: > > Hi everyone, > I have a question, well, I have a syslog server already configured, I'm > wondering if it is possible to forward the existing log file on the server > toward the Graylog server.

[graylog2] Re: Forward an Existing Log file to Graylog ( Syslog Server ==> graylog )

2016-10-19 Thread Benbrahim Anass
Thanks, Jochen, for the reply. What I meant is that I already have a syslog server gathering traffic from different equipment in my network (routers, switches, other servers...). The idea is to forward that traffic to Graylog without the need to reconfigure everything to work with Graylog

[graylog2] Re: Forward an Existing Log file to Graylog ( Syslog Server ==> graylog )

2016-10-19 Thread Benbrahim Anass
On Wednesday, 19 October 2016 08:54:36 UTC+2, Benbrahim Anass wrote: >> >> Hi everyone, >> I have a question, well, I have a syslog server already configured, I'm >> wondering if it is possible to forward the existing log file on the server >> toward the Graylog serv

[graylog2] Redirect logs from /varlog/messages to a Graylog server

2016-10-19 Thread Benbrahim Anass
Hello, I'm wondering if it is possible to redirect all /var/log/message of a syslog server to a distant Graylog server. Thanks a lot

[graylog2] Re: Redirect logs from /varlog/messages to a Graylog server

2016-10-20 Thread Benbrahim Anass
//github.com/Graylog2/graylog-guide-syslog-linux#readme for > instructions how to configure rsyslog or syslog-ng to forward logs to > Graylog. > > Cheers, > Jochen > > On Wednesday, 19 October 2016 15:30:06 UTC+2, Benbrahim Anass wrote: >> >> Hello >> i'm wond

[graylog2] Re: Redirect logs from /varlog/messages to a Graylog server

2016-10-20 Thread Benbrahim Anass
n Thursday, 20 October 2016 10:05:32 UTC+2, Benbrahim Anass wrote: >> >> Graylog is not receiving anything, I did exactly as the guide. Maybe I >> did something wrong when adding the syslog TCP input. Can you give me an >> example please >> > > Examples are already gi

[graylog2] Re: Redirect logs from /varlog/messages to a Graylog server

2016-10-20 Thread Benbrahim Anass
Problem solved, of course it's SELinux. Thank you NSA, FUCK! Jochen, cheers dude On Thursday, 20 October 2016 12:09:04 UTC+2, Jochen Schalanda wrote: > > Hi, > > On Thursday, 20 October 2016 11:55:56 UTC+2, Benbrahim Anass wrote: >> >> and when I try to configure

[graylog2] need a logstash-forwarder on Graylog tutorial, Client & server side

2016-10-21 Thread Benbrahim Anass
Hi, could anybody provide me a tutorial on how to install logstash-forwarder and configure it to work with a Graylog2 server? Thank you, Anas

[graylog2] Graylog2 unscaled recieved logs

2016-10-21 Thread Benbrahim Anass
Hi everyone, I'm testing Graylog2 wi

[graylog2] Graylog2 unscaled logs

2016-10-21 Thread Benbrahim Anass
Hi everyone, I'm testing Graylog2 with Elasticsearch, and I've run into this situation where Graylog receives unscaled logs from a distant syslog server.

[graylog2] Re: need a logstash-forwarder on Graylog tutorial, Client & server side

2016-10-21 Thread Benbrahim Anass
der. > > See http://docs.graylog.org/en/2.1/pages/collector_sidecar.html for > instructions how to use Filebeat with the Graylog Collector Sidecar. > > > Cheers, > Jochen > > On Friday, 21 October 2016 09:01:09 UTC+2, Benbrahim Anass wrote: >> >> Hi >> could anyb

[graylog2] Re: Graylog2 unscaled logs

2016-10-21 Thread Benbrahim Anass
On Friday, 21 October 2016 10:24:39 UTC+2, Jochen Schalanda wrote: > > Hi, > > what does "unscaled logs" mean? > > Cheers, > Jochen > > On Friday, 21 October 2016 10:18:56 UTC+2, Benbrahim Anass wrote: >> >> Hi everyone,

[graylog2] Re: Graylog2 unscaled logs

2016-10-21 Thread Benbrahim Anass
- http://docs.graylog.org/en/2.1/pages/extractors.html >- http://docs.graylog.org/en/2.1/pages/pipelines.html > > > Cheers, > Jochen > > On Friday, 21 October 2016 10:41:16 UTC+2, Benbrahim Anass wrote: >> >> it sends the whole /var/log/messages/ without

[graylog2] Send Rsyslog Via GELF to Graylog

2016-10-24 Thread Benbrahim Anass
Hi everyone, I'm wondering if it is possible to send rsyslog data via GELF to Graylog. I saw this tutorial, but since I'm a newbie I don't know where to create that template or any of that config: http://www.rsyslog.com/doc/master/tutorials/gelf_forwarding.html Hope someone can explain that to me thank

[graylog2] Re: Send Rsyslog Via GELF to Graylog

2016-10-24 Thread Benbrahim Anass
":"2016-10-24 09:29:35","SourceModuleName":"in","SourceModuleType":"im_msvistalog"}#015 On Monday, 24 October 2016 09:49:16 UTC+2, Jochen Schalanda wrote: > > Hi, > > the instructions on the rsyslog website > <

[graylog2] Re: Send Rsyslog Via GELF to Graylog

2016-10-24 Thread Benbrahim Anass
co/> or Winlogbeat > <https://www.elastic.co/de/downloads/beats/winlogbeat>? Both can be > managed by the Graylog Collector Sidecar > <http://docs.graylog.org/en/2.1/pages/collector_sidecar.html>. > > Cheers, > Jochen > > On Monday, 24 October 2016 10:03:35 UTC+2,

[graylog2] Re: Send Rsyslog Via GELF to Graylog

2016-10-24 Thread Benbrahim Anass
Is there a better way to filter these logs? On Monday, 24 October 2016 12:02:06 UTC+2, Benbrahim Anass wrote: > > I don't have only Windows machines, I have HP router, Linux servers... all > of those send their logs to a centralized syslog server and this last > forwards everythin

[graylog2] use logstash + gelf to send logs to graylog

2016-10-25 Thread Benbrahim Anass
I'm wondering if it is possible to send logs via logstash/gelf to Graylog2. If it is, I'm gonna need an example of a Logstash output via GELF. Thanks, cheers, Anas

[graylog2] Re: Graylog 2.1 on Ubuntu 16.04 - no web interface, no port 9000

2016-10-25 Thread Benbrahim Anass
Are you sure port 9000 is open? Try a telnet on it. On Tuesday, 25 October 2016 13:55:04 UTC+2, Marcio Merlone wrote: > > Hi all! > > I am setting up a standalone graylog server on a Ubuntu 16.04 LTS. I went > through the docs > http://docs.graylog.org/en/2.1/pages/installation/os/ubuntu.html jus

[graylog2] Re: use logstash + gelf to send logs to graylog

2016-10-25 Thread Benbrahim Anass
suggestions? thanks On Tuesday, 25 October 2016 14:31:00 UTC+2, Jochen Schalanda wrote: > > Hi, > > On Tuesday, 25 October 2016 13:19:51 UTC+2, Benbrahim Anass wrote: >> >> I'm wondering if it is possible to send logs via logstash/gelf to >> Graylog2, if it is, I'm

[graylog2] Re: use logstash + gelf to send logs to graylog

2016-10-25 Thread Benbrahim Anass
",\"pid\":\"") property(name="procid") constant(value="\",\"rawmsg\":\"") property(name="rawmsg") constant(value="\",\"syslogtag\":\"") property(name="s

[graylog2] Re: use logstash + gelf to send logs to graylog

2016-10-26 Thread Benbrahim Anass
Problem fixed, apparently logstash/gelf only works with UDP. It would be nice if they mentioned that somewhere. Cheers, Anas On Tuesday, 25 October 2016 13:19:51 UTC+2, Benbrahim Anass wrote: > > I'm wondering if it is possible to send logs via logstash/gelf to > Graylog2, if it

[graylog2] Re: use logstash + gelf to send logs to graylog

2016-10-26 Thread Benbrahim Anass
2016, 3:46:30 (UTC-4), Benbrahim Anass > wrote: >> >> Problem fixed, apparently logstash/gelf only works with UDP. >> It would be nice if they mentioned that somewhere >> >> cheers >> Anas >> >> On Tuesday, 25 October 2016 13:19:51 UTC+2, Benbrahim A

[graylog2] Graylog2 send Alerts with SMS

2016-10-27 Thread Benbrahim Anass
Hi everybody, I've seen some topics on the internet saying that it is possible to send SMS alerts using plugins like Nexmo, Plivo... I'm wondering if it is true, and if it's free or not. Cheers, Anas

[graylog2] Re: Graylog2 send Alerts with SMS

2016-10-27 Thread Benbrahim Anass
s. > > > Cheers, > Jochen > > On Thursday, 27 October 2016 15:12:06 UTC+2, Benbrahim Anass wrote: >> >> Hi everybody, >> I've seen some topics on the internet saying that it is possible to send >> SMS alerts using plugins like Nexmo, Plivo... >> I

[graylog2] using graylog just for indexing logs not storing them

2016-11-13 Thread Benbrahim Anass
Hi everyone, I'm wondering if it is possible to use Graylog just for reading logs and not storing them, and I'd like to know where to configure that. I'd also like to know the minimum amount of RAM needed for the logs of a mid-size company (around 20 pieces of equipment). Cheers, Anas

[graylog2] Re: using graylog just for indexing logs not storing them

2016-11-15 Thread Benbrahim Anass
wrote: > > Hi Anas, > > what exactly do you mean with "just for reading logs and not storing > them"? Could you elaborate on your use case(s)? > > Cheers, > Jochen > > On Monday, 14 November 2016 08:38:42 UTC+1, Benbrahim Anass wrote: >> >> hi

[graylog2] Re: using graylog just for indexing logs not storing them

2016-11-15 Thread Benbrahim Anass
Yes, that's what I'm going to do, thanks man. Cheers On Tuesday, 15 November 2016 11:11:03 UTC+1, Jochen Schalanda wrote: > > Hi Anas, > > On Tuesday, 15 November 2016 10:49:53 UTC+1, Benbrahim Anass wrote: >> >> I wanna use Graylog just for indexing in real time th

[graylog2] WebTrends Enhanced Log file Format (Welf) to graylog

2016-12-14 Thread Benbrahim Anass
Hi everybody, I'm wondering if there is an input for WELF logs or whether they will work with a GELF input in Graylog. Thanks. Cheers, Anas

[graylog2] Re: Syslog Data from specific server not in Graylog Web Interface

2016-12-14 Thread Benbrahim Anass
Hi, make sure your logs are coming to Graylog by receiving them first on syslog. Cheers, Anas On Wednesday, 14 December 2016 15:05:51 UTC+1, secte...@gmail.com wrote: > > > Hi, > > Syslog data is not received correctly by Graylog - as it can not show data > from specific source. > > If I do

[graylog2] Re: WebTrends Enhanced Log file Format (Welf) to graylog

2016-12-14 Thread Benbrahim Anass
> Hi Anas, > > WELF (?) is not being supported by Graylog out-of-the-box, but you could > quite easily write a plugin for that format. > > Cheers, > Jochen > > On Wednesday, 14 December 2016 15:08:11 UTC+1, Benbrahim Anass wrote: >> >> Hi everybody, >> >

[graylog2] Re: WebTrends Enhanced Log file Format (Welf) to graylog

2016-12-14 Thread Benbrahim Anass
" srcifname="Nottoday" ipproto=udp dstif="Ethernet1" dstifname="production" proto=dns src=172.16..554.3 srcport=62784 srcname= dst=1 dstport= dstportname=dns_udp dstname= modsrc=172.16.100.117 modsrcport= origdst= origdstport= sent=42 rcvd=122 duration=0.01 logt

[graylog2] Re: Syslog Data from specific server not in Graylog Web Interface

2016-12-14 Thread Benbrahim Anass
di 14 December 2016 15:59:01 UTC+1, secte...@gmail.com wrote: > > Actually I see data received in Graylog Web Interface - but it shows like > the "Source" field is not the actual IP address of the server sending the > Syslog data, but source represents some function on t

[graylog2] Re: WebTrends Enhanced Log file Format (Welf) to graylog

2016-12-14 Thread Benbrahim Anass
ome > Logstash filter? > > Cheers, > Jochen > > On Wednesday, 14 December 2016 15:42:46 UTC+1, Benbrahim Anass wrote: >> >> here is an example of what I'm receiving: >> {"@timestamp":"2016-12-14T12:44:12+01:00","@version":"1"

[graylog2] Logstash to graylog using TLS

2017-01-17 Thread Benbrahim Anass
Hi everyone, I'm looking for a secure way to send logs using Logstash to Graylog. I tried GELF AMQP but I had difficulties configuring it. Thanks in advance. Cheers

[graylog2] Re: Logstash to graylog using TLS

2017-01-17 Thread Benbrahim Anass
For example broker hostname: when I put localhost: connection denied, I don't know what to put there. Routing key: no idea what that is. Cheers, Anas On Tuesday, 17 January 2017 10:05:03 UTC+1, Jochen Schalanda wrote: > > Hi, > > On Tuesday, 17 January 2017 09:35:02 UTC+1, Benbrahim

[graylog2] Re: Logstash to graylog using TLS

2017-01-17 Thread Benbrahim Anass
- https://www.rabbitmq.com/how.html > > There are other ways to send messages from Logstash to Graylog, such as > Apache Kafka or using TLS to send JSON to Graylog and extract it there with > a JSON extractor. > > Cheers, > Jochen > > On Tuesday, 17 January 2017

Re: [graylog2] Re: Logstash to graylog using TLS

2017-01-17 Thread Benbrahim Anass
I already parse everything using JSON. If, like you said, I use TCP output, what input in Graylog should I use? Cheers, Anas On Tuesday, 17 January 2017 12:01:17 UTC+1, Richard S. Westmoreland wrote: > > Ah sorry, TCP. If he sets it to JSON then an extractor should parse that > back out easily.

Re: [graylog2] Re: Logstash to graylog using TLS

2017-01-18 Thread Benbrahim Anass
wrote: > > Raw TCP Input > > On Jan 18, 2017, at 4:28 PM, Benbrahim Anass > wrote: > > I already parse everything using JSON, if like you said I use TCP output, > what input in Graylog should I use? > > cheers > Anas > > On Tuesday, 17 January 2017 12:01:17

Re: [graylog2] Re: Logstash to graylog using TLS

2017-01-18 Thread Benbrahim Anass
> So you have Raw TCP input on that same port? Can you see the port > listening, and can you telnet to it from the logstash host? > > On Jan 18, 2017, at 6:03 PM, Benbrahim Anass > wrote: > > I tried the minimal config: > tcp { > host => "172.16.52.25"

[graylog2] Graylog : custome dashboard

2017-01-26 Thread Benbrahim Anass
Hi everyone, I'm wondering if there is a way to create a dashboard containing more than one field like: *Source DestinationPort% Count* The default dash is like *Value%Count* Thanks in advance, Anas

[graylog2] Re: Graylog : custome dashboard

2017-01-26 Thread Benbrahim Anass
> On Thursday, 26 January 2017 13:56:34 UTC+1, Benbrahim Anass wrote: >> >> Hi everyone, >> I'm wondering if there is a way to create a dashboard containing more >> than one field like : >> >> *Source DestinationPo

[graylog2] Re: How to parse OpenVPN logs in Graylog?

2017-02-13 Thread Benbrahim Anass
Hi, I use GROK to parse everything, try this: %{WORD:program}%{NOTSPACE}: %{IPV4:IPClient}:%{NOTSPACE:PORT} \[%{WORD:User}\] I track daily connections as follows,

[graylog2] Re: pfSense Extractor

2017-02-13 Thread Benbrahim Anass
Hi, the best way is to parse messages one by one. Cheers, Anas On Friday, 6 February 2015 11:41:14 UTC+1, VANTIN Dao wrote: > > Hello, > I use Graylog2 with Rsyslog and when my pfSense sends logs to my Graylog2 I > can't read the log then I download your extractor for pfSense on your > website a

[graylog2] Re: [ANN] Graylog 2.2.0 has been released

2017-02-15 Thread Benbrahim Anass
Hi Jochen & Graylog team, congratulations on the new release. Is there anything new about custom dashboards? Thanks in advance, Anas On Tuesday, 14 February 2017 16:07:13 UTC+1, Jochen Schalanda wrote: > > Hi everyone, > > I'm proud to announce the GA release of Graylog 2.2.0! > > We've put a lot