Centralized SysLog Firewall

Hi everyone, I'm new to Graylog; just yesterday I deployed it using the docker-compose file in the official docs.

My question is:

  • How can I collect logs for multiple (in this case OpenWrt) firewalls on the same input and separate them by tag or something for each one?

What is the best practice in this scenario?
Thanks :)

All messages that are sent to Graylog require a hostname in some way. For example, the syslog RFCs require a hostname as part of a valid syslog message. When using GELF, a hostname is required as well.

This allows Graylog to sort the messages by original source/hostname. Let me know if this does not make sense or you have further questions.
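
As an added illustration (not part of the thread and not Graylog's own code), this Python example extracts the hostname field the reply above refers to from RFC 3164 and RFC 5424 messages and groups messages by it. The sample datagrams, addresses and function names are constructed for the example; it also groups by sender address plus hostname, which keeps devices apart when they report the same hostname.

```python
import re
from collections import defaultdict

# RFC 3164 (BSD syslog): <PRI>Mmm dd hh:mm:ss HOSTNAME TAG: MSG
RFC3164 = re.compile(r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (\S+) (.*)$", re.S)
# RFC 5424: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID ...
RFC5424 = re.compile(r"^<(\d{1,3})>(\d{1,2}) (\S+) (\S+) (.*)$", re.S)

def parse_hostname(raw):
    """Return (format, hostname); hostname is None when absent or '-' (NILVALUE)."""
    m = RFC5424.match(raw)
    if m:
        host = m.group(4)
        return "rfc5424", (None if host == "-" else host)
    m = RFC3164.match(raw)
    if m:
        return "rfc3164", m.group(3)
    return "unknown", None

def group_by_source(datagrams, by_sender=False):
    """Group (sender_ip, raw) pairs by hostname, as a collector keyed on the
    hostname field would; by_sender=True keys on 'sender_ip/hostname' instead."""
    groups = defaultdict(list)
    for sender_ip, raw in datagrams:
        _, host = parse_hostname(raw)
        host = host or sender_ip  # no usable hostname: fall back to the sender address
        key = f"{sender_ip}/{host}" if by_sender else host
        groups[key].append(raw)
    return dict(groups)

# Constructed sample datagrams (documentation address ranges, made-up hosts).
SAMPLES = [
    ("192.0.2.10", "<30>Mar  4 10:15:01 fw01 dropbear[1234]: Exit (root): Disconnect received"),
    ("198.51.100.7", "<30>Mar  4 10:15:02 fw01 dnsmasq[88]: started, version 2.90"),
    ("203.0.113.5", "<134>1 2024-03-04T10:15:03Z srv01 sshd 4321 - - Accepted publickey for admin"),
    ("203.0.113.9", "<134>1 2024-03-04T10:15:04Z - app - - - no hostname sent"),
]

if __name__ == "__main__":
    for label, flag in (("by hostname", False), ("by sender + hostname", True)):
        print(label)
        for key, msgs in group_by_source(SAMPLES, by_sender=flag).items():
            print(f"  {key}: {len(msgs)} message(s)")
```
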

Hi, and thanks for answering.
Yes, I understand more or less. I configured 1 OpenWrt device and I receive the logs, but as I said in the first post, I have 20-30 devices I want to receive syslog from, and most of them have the same hostname, for example “fw01” or “srv01”, so is there a way to customize it, for example to receive the logs as “customername-fw01”?
This is a screenshot of a received log message:
