Request trial
Request Trial

ERROR om_tcp detected a connection error;Connection reset by peer

Tags: nxlog graylog
#1 jmcgranahan

I am attempting to use NXLog in conjunction with Graylog's Sidecar Collector to send data to my Graylog server. I have been able to successfully telnet to my Graylog server through port 5044, so I know it is not a firewall issue, yet I keep getting these errors in my NXLog error log:

2017-11-08 14:37:09 ERROR om_tcp detected a connection error;Connection reset by peer 2017-11-08 14:37:25 ERROR om_tcp detected a connection error;End of file found

And nothing is being received by my Graylog server.

Here is my generated NXLog configuration:

define ROOT /usr/bin

<Extension gelf> Module xm_gelf </Extension>

User nxlog Group nxlog

Moduledir /usr/libexec/nxlog/modules CacheDir /var/spool/collector-sidecar/nxlog PidFile /var/run/graylog/collector-sidecar/nxlog.pid

define LOGFILE /var/log/graylog/collector-sidecar/nxlog.log LogFile %LOGFILE% LogLevel DEBUG

<Extension logrotate> Module xm_fileop <Schedule> When @daily Exec file_cycle('%LOGFILE%', 7); </Schedule> </Extension>

<Input 59fcda86ccba8e2573422cb4> Module im_file File '/var/log/httpd/syriac_access_log' PollInterval 1 SavePos True ReadFromLast True Recursive True RenameCheck False Exec $FileName = file_name(); # Send file name with each message </Input>

<Output 59fcda56ccba8e2573422c80> Module om_tcp Host graylog.library.vanderbilt.edu Port 5044 OutputType GELF_TCP Exec $short_message = $raw_event; # Avoids truncation of the short_message field. Exec $gl2_source_collector = '485f3ca7-ca1e-4959-be00-117a50e2b1db'; Exec $collector_node_id = 'graylog-collector-sidecar'; Exec $Hostname = hostname_fqdn(); </Output>

<Route route-0> Path 59fcda86ccba8e2573422cb4 => 59fcda56ccba8e2573422c80 </Route>

I would appreciate any advice or guidance. Thank you!

Permalink
#2 b0ti Nxlog ✓
#1 jmcgranahan
I am attempting to use NXLog in conjunction with Graylog's Sidecar Collector to send data to my Graylog server. I have been able to successfully telnet to my Graylog server through port 5044, so I know it is not a firewall issue, yet I keep getting these errors in my NXLog error log: 2017-11-08 14:37:09 ERROR om_tcp detected a connection error;Connection reset by peer 2017-11-08 14:37:25 ERROR om_tcp detected a connection error;End of file found And nothing is being received by my Graylog server. Here is my generated NXLog configuration: define ROOT /usr/bin <Extension gelf> Module xm_gelf </Extension> User nxlog Group nxlog Moduledir /usr/libexec/nxlog/modules CacheDir /var/spool/collector-sidecar/nxlog PidFile /var/run/graylog/collector-sidecar/nxlog.pid define LOGFILE /var/log/graylog/collector-sidecar/nxlog.log LogFile %LOGFILE% LogLevel DEBUG <Extension logrotate> Module xm_fileop <Schedule> When @daily Exec file_cycle('%LOGFILE%', 7); </Schedule> </Extension> <Input 59fcda86ccba8e2573422cb4> Module im_file File '/var/log/httpd/syriac_access_log' PollInterval 1 SavePos True ReadFromLast True Recursive True RenameCheck False Exec $FileName = file_name(); # Send file name with each message </Input> <Output 59fcda56ccba8e2573422c80> Module om_tcp Host graylog.library.vanderbilt.edu Port 5044 OutputType GELF_TCP Exec $short_message = $raw_event; # Avoids truncation of the short_message field. Exec $gl2_source_collector = '485f3ca7-ca1e-4959-be00-117a50e2b1db'; Exec $collector_node_id = 'graylog-collector-sidecar'; Exec $Hostname = hostname_fqdn(); </Output> <Route route-0> Path 59fcda86ccba8e2573422cb4 => 59fcda56ccba8e2573422c80 </Route> I would appreciate any advice or guidance. Thank you!

Something is closing the connection, this is what the log message is telling you. NXLog does not know why the remote closes the TCP connection. You should look at graylog's logs or check your network.
Login to see more

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS