New user to Graylog/filebeat.
Data flowing in via Raw/Plaintext TCP appears garbled/encrypted/encoded. Most settings are still default. Using this input defn:
- bind_address: 0.0.0.0
- charset_name:
- max_message_size: 2097152
- number_worker_threads: 2
- override_source:
- port: 5044
- recv_buffer_size: 1048576
- tcp_keepalive: false
- tls_cert_file:
- tls_client_auth: disabled
- tls_client_auth_cert_file:
- tls_enable: false
- tls_key_file:
- tls_key_password: ********
- use_null_delimiter: true
What am I missing?
Host#1 (Ubuntu 22), running filebeat to send syslogs/mysql/etc logs to Host#2 (graylog).
Almost all configs are defaults
Host#2 (Ubuntu 20), running a self installed instance w/ the following components:
- ii elasticsearch 7.17.20 amd64 Distributed RESTful search engine built for the cloud
- ii graylog-5.0-repository 1-2 all Package to install Graylog 5.0 GPG key and repository
- ii graylog-server 5.0.13-1 amd64 Graylog server
- ii mongodb-database-tools 100.9.4 amd64 mongodb-database-tools package provides tools for working with the MongoDB server:
- ii mongodb-mongosh 2.2.4 amd64 MongoDB Shell CLI REPL Package
- ii mongodb-org 6.0.14 amd64 MongoDB open source document-oriented database system (metapackage)
- ii mongodb-org-database 6.0.14 amd64 MongoDB open source document-oriented database system (metapackage)
- ii mongodb-org-database-tools-extra 6.0.14 amd64 Extra MongoDB database tools
- ii mongodb-org-mongos 6.0.14 amd64 MongoDB sharded cluster query router
- ii mongodb-org-server 6.0.14 amd64 MongoDB database server
- ii mongodb-org-shell 6.0.14 amd64 MongoDB shell client
- ii mongodb-org-tools 6.0.14 amd64 MongoDB tools