Hi,
Ubuntu 22.04 VM, which is using as rsyslog proxy, can’t write logs to graylog server. Traffic is allowed, I see packets at pcap at graylog server, FW rules are correct - but still data is not populated to database.
From proxy VM:
2023-08-31 13:55:22 err omfwd: remote server at X.X.X.X:X seems to have closed connection. This often happens when the remote peer (or an interim system like a load balancer or firewall) shuts down or aborts a connection. Rsyslog will re-open the connection if configured to do so (we saw a generic IO Error, which usually goes along with that behaviour). [v8.2112.0 try You searched for error 2027 - rsyslog ]
From graylog server logs:
2023-08-31T 13:55:59.431+03:00 ERROR [AbstractTcpTransport] Error in Input [Syslog TCP/64f06269941d683a58d4a6d6] (channel [id: 0xa4905200, L:/X.X.X.X:X ! R:/X.X.X.X:X]) (cause io.netty.handler.codec.DecoderException: java.lang.NumberFormatException: For input string: “2023-08-31”)
Any idea what can be the issue?
