I am using graylog2 to manage the logs of a proprietary application we use in my team. The problem is that that application is writing it’s logs on files using UCS-2 LE BOM encoding.
We use the Graylog Collector Sidecar in order to parse our logs.
All the logs reach our graylog2 server without problem, but possibly because of the obscure encoding all the searches we do return no results.
Similarly I try to create Regex extractors for the same logs, but patterns that should obviously match don’t.
Does anyone know of a way we could transform the logs to UTF-8 before we reach graylog2? Unfortunately we cannot change the encoding on the level of the application.
Are you sure about that? Try comparing the timestamps in your log files and the timestamps displayed in Graylog. Also make sure that the system clocks are in sync (e. g. by using NTP).
Please also make sure to format your text snippets properly: Markdown Reference
Example: