NXLOG configuration to work with GRAYLOG - Page 1

#1 José Manuel 1 year ago

Hi the pronblem is that all works but I don´t receive any log.

Graylog version 4.3 in debian 11. Sidecar graylog 1.2 and NXLOG 3.0 if my memory doesn´t fail.

What can i do?

Thanks and happy new year.

Permalink

#2 José Manuel 1 year ago (Last updated 1 year ago )

The NXLOG graylog configuration

define ROOT /usr/bin

<Extension gelfExt>
Module xm_gelf
# Avoid truncation of the short_message field to 64 characters.
ShortMessageLength 65536
</Extension>

<Extension syslogExt>
Module xm_syslog
</Extension>

User nxlog
Group nxlog

Moduledir /usr/lib/nxlog/modules
CacheDir /var/spool/nxlog/data
PidFile /var/run/nxlog/nxlog.pid
LogFile /var/log/nxlog/nxlog.log
LogLevel INFO

<Input file>
Module im_file
File '/var/log/*.log'
File '/var/log/apache2/*.log'
PollInterval 1
SavePos True
ReadFromLast True
Recursive False
RenameCheck False
Exec $FileName = file_name(); # Send file name with each message
</Input>

#<Input syslog-udp>
# Module im_udp
# Host 127.0.0.1
# Port 514
# Exec parse_syslog_bsd();
#</Input>

<Output gelf>
Module om_tcp
Host 192.168.194.63
Port 12201
OutputType GELF_TCP
<Exec>
# These fields are needed for Graylog
$gl2_source_collector = '${sidecar.nodeId}';
$collector_node_id = '${sidecar.nodeName}';
</Exec>
</Output>

<Route route-1>
Path file => gelf
</Route>
#<Route route-2>
# Path syslog-udp => gelf
#</Route>

If anybody that can help me needs more data please make a response and I will tried to give you.

Best regards.