Closed panks21 closed 1 year ago
I uploaded the content pack but forgot to install it. Now I am getting messages; however, the timezone is still an issue in Graylog even though I updated the TZ in docker-compose before running docker-compose.
@panks21 - Thanks for this tip!
I followed your steps and I could get everything working except the Graylog part.
I can see the firewall is sending data to Graylog on port 1514:
```
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
23:25:56.649243 40:62:31:12:7e:85 > 06:9d:bf:e9:ce:1b, ethertype IPv4 (0x0800), length 233: 192.168.155.254.15740 > 192.168.155.244.1514: UDP, length 191
23:25:56.649245 40:62:31:12:7e:85 > 06:9d:bf:e9:ce:1b, ethertype IPv4 (0x0800), length 255: 192.168.155.254.15740 > 192.168.155.244.1514: UDP, length 213
23:25:56.649245 40:62:31:12:7e:85 > 06:9d:bf:e9:ce:1b, ethertype IPv4 (0x0800), length 255: 192.168.155.254.15740 > 192.168.155.244.1514: UDP, length 213
```

However, I don't see anything in the Graylog streams, hence nothing on the firewall dashboard in Grafana.
Graylog is complaining about one error, though. Not sure how to resolve it.
There is a node without any running inputs. (triggered an hour ago)
There is a node without any running inputs. This means that you are not receiving any messages from this node at this point in time. This is most probably an indication of an error or misconfiguration. You can click here to solve this.