search

wizecore / graylog2-output-syslog

Customizable, production ready syslog and ArcSight output plugin for Graylog
Apache License 2.0
39 stars 20 forks source link

plugin not available in configuration and not forwarding the message. #24

Closed latheefp closed 5 years ago

latheefp commented 6 years ago

This plugin is not visible in configuration page of graylog. My graylog version is Graylog 2.4.4+4659dbe on eecsaruh6hor182 (Oracle Corporation 1.8.0_172 on Linux 4.4.0-121-generic)

image

However, i can see it under output (in system /input out put menu)

image

When i do a snoop in servers end also, i see no traffic passing to archsight. image

huksley commented 6 years ago

Configuration - yes, it is some new page and I need to check how to register plugin in that.

Can you attach log? Or look for specific lines related to wizecore or Syslog* and add these to this issue. Thanks

latheefp commented 6 years ago

This is the logs...

root@eecsaruh6hor182:/var/log/graylog/server# grep wizecore current 2018-08-28_11:19:40.39923 INFO [CmdLineTool] Loaded plugin: SyslogOutputPlugin 1.0.0 [com.wizecore.graylog2.plugin.SyslogOutput] 2018-08-28_11:30:22.95061 INFO [CmdLineTool] Loaded plugin: SyslogOutputPlugin 1.0.0 [com.wizecore.graylog2.plugin.SyslogOutput] 2018-08-28_11:32:06.63050 INFO [CmdLineTool] Loaded plugin: SyslogOutputPlugin 1.0.0 [com.wizecore.graylog2.plugin.SyslogOutput] 2018-08-28_12:01:37.85000 INFO [CmdLineTool] Loaded plugin: SyslogOutputPlugin 1.0.0 [com.wizecore.graylog2.plugin.SyslogOutput]

latheefp commented 6 years ago

current.zip find the attached logs (current)

latheefp commented 6 years ago

Thanks, its fixed after I assign the stream to this output rules.... image