HI There. I am returning to Graylog after nearly a year. I have installed an AWS Instance from the link your web site and was able to access it via its public IP at the first attempt. This is a huge improvement over my previous experience so congratulations to all concerned.
Flushed with success I have redirected a TCP514 syslog from an adjacent AWS Centos image to my Graylog server. I created an input but it keeps failing. I’ve tried TCP, UDP, 513, 514, bind 0.0.0.0 and 127.0.0.1 and the AMI internal address of 10.0.0.22. I’m not seeing anything. I have two questions;
- When setting up the input you need to set a bind address. On an AMI should I specify the the internal IP address or does the AMI build link this to 0.0.0.0
- Will the Graylog server receive logs on port 514 or do I have to get the source changed to use a higher port such as 1514? (the source is a locked down image and I have to get the supplier to make the necessary change).
Thanks in advance