I appreciate all your help. I think am am still not describing the problem right. My problem from the first post is that I am unable to get source IP for my logs. I am intending to use these for geo-location and other things but that is not what I am struggling with, I got that part working.
I am sending logs via UDP protocol according to the GELF spec posted here:
I am not sure what log shipper is but I use no third-party code, I literally open an UDP connection and send payload similar to this:
This log is received by graylog’s
GELF UDP input node and everything works fine, I can see all the posted fields from my messages, except I do not know where to get IP address (that I do not send as part of the log message but I expect graylog to know it).
By trial and error I have found that by omitting a mandatory
host field in GELF message I will get the source IP substituted there, but this generates a lot of warnings since my messages are missing a mandatory field.
So I still don’t know how to get source IP when
host field is preset in my message. And again, I do not want to send it as another field, I wanted to get it automatically on the receiving side.
Perhaps I can file a bug on github.