I have a general questions about getting a custom log source into Graylog.
Say my log source is a file which I am sending into Graylog using NxLog. One option would be to use the JSON module of NxLog to create JSON logs and send the logs in to a GELF input.
If I took this option, would I not have to write an extractor to get the fields out I wanted as JSON is supported?
If I choose not to use the JSON module of NxLog but send the raw logs into a GELF input, I am assuming I would need an extractor to create fields. Am I Correct.