We introduce graylog gradually to a project. At the first level, the graylog server is a remote unreliable server and we’d like to push data to the graylog server from local files. That way all messages reach the graylog server (sooner or later). We plan to push the messages via nxlog.
I can reconfigure the java application via log4j.properties but the gelf appender directly logs to a tcp/udp socket.
Is there a way to reconfigure the java app to produce logs to gelf format and make nxlog to push to graylog server?
Or is there an other solution, which has
local file logging
uploads logs to graylog server whenever there is a connection to the graylog server?
I have configured log4j.properties to create log file/s not to configure it with GELF. I used NXLOG to send them via GELF to Graylog server. Once the log file is create just use NXLOG. Create/configure an EXTENSION >INPUT > OUTPUT > ROUTE.
Example below is a file, formated with GELF and sent TCP/SSL.
Sorry but I don’t understand your answer. Where will be the logs converted to graylog compatible format? My java application currently emits log with multiline stacktraces and such, so it was not enough to just pass to graylog server as is.
Sorry about my brief answer, I hope this makes it more understandable. I’m not sure what Operating system your using ,but the following statements are for Linux.
NXLog will convert them by using any one of its Extension Modules. As shown below.
You can configure NXlog INPUT to point to what ever log file you want to get data, ( Make sure it has permissions to read the file)
Here is an example :
<Input in>
Module im_file
File "/var/log/some_log_file.log"
SavePos TRUE //This saves the Posistion after NXLOg restarts or starts. Set to **FALSE** to scan all of the Log file. When done sending set it back if need be.
ReadFromLast TRUE //If ReadFromLast is **FALSE,** the module will read all logs from the file. .
PollInterval 1
</Input>
