rahimkhoja
commented
6 years ago OK I got it working..
I created the file /etc/rsyslog.d/nxlog_syslog.conf on the client
with the contents
$template TraditionalFormat,"%timegenerated% %HOSTNAME% %syslogtag%%msg:::drop-last-lf%\n"
*.* @127.0.0.1;TraditionalFormat
Problem description
No syslog messages get sent via the NXLOG collector-sidecar. we have setup UDP Syslog NXLOG Input via the Graylog collector configurations. A GELF output has been setup. Documentation does not explain how to setup the NXLOG Syslog Input. (Ironically, The picture on the SideCar setup docs has a Syslog UDP Input shown but not explained)
We think that NXLOG should gather together all the SYSLOG Messages and send them to Graylog via the GELF Output. Perhaps syslog transmits them to NXLOG. This is not happening. rsyslogd sends the messages without any problem(Both TCP and UDP), but I would rather have them all come thru the same connector.
Steps to reproduce the problem
Setup a sidecar collector, including GELF Input. Added File Input. Tested it and confirmed that the data is being collected. ... Add NXLOG Syslog UDP input to NXlog Sidecard configuration. No Syslogs collected. :( Environment
Sidecar Version: 0.1.4 Graylog Version: 2.3 Operating System: CentOS 7.4 ( Server ) && Cent 6.9 ( Clients ) Elasticsearch Version: 3.2 MongoDB Version: ?