1
answer

Send file to Graylog im_file not working.

I have a very basic setup. I was easily able to get the general syslog functionality working.

I have been unable to get the file transport working. I've spent several days trying alternative configurations and Googling for help; all to no avail.

I also tested with om_file - trying to just grab the file and output it locally - the outcome was just a blank file.

Any help will be greatly appreciated.

Here is my config:

AskedMay 8, 2017 - 10:59pm
1
answer

How to add a field for the file offset?

We are pushing logs from file with the im_file module to logstash and then to elasticsearch. However, some of these logs only have second accuracy, and therefore not returned in order by elasticsearch when sorted by just the time. To get around this problem, we would like to add the position of the log event to a field that we store (for example beginning line number or byte offset within the source file).

AskedNovember 18, 2016 - 1:11am

Pages