After a bit of trial and and lots of reading, I managed to get Graylog2 working like a charm
I'm using NXLOG to send the logs to Graylog via GELF UDP
Right now I'm just testing and trying diffrent things.
Right now I';m testing with just 4 servers (have close to 100) has consumed a fair bit of space
So to evaluate usage, I figured I'd just send the security logs (these are all Windows Servers)