Fluent bit to graylog

I have installed fluent-bit in my local vm
and done configuration as:

Mode udp
Port 5140
Name syslog
Buffer_Chunk_Size 32000
Buffer_Max_Size 64000

name udp
Port 5518
Format json_lines
tls off
tls.verify Off
tls.ca_file /etc/graylog/server/
tls.crt_file /path/to/client_certificate
tls.key_file /path/to/client_certificate_key

I have installed fake sonicwall logs in my windows and given udp with 5140 port and vm ip.

Created graylog input raw/plaintext udp with 5518 port

These are my sonic fake loger
Oct 31 14:53:32 SSLVPN: id=sslvpn sn=18B1694D3878 time=2023-10-31 14:53:32 vp_time=2023-10-31 14:53:32 fw= pri=5 m=2 c=102 src= dst= user=“sarahrodriguez” user=“sarahrodriguez” msg=“NetExtender disconnected” duration=243 bytesIn=111879 bytesOut=619359 bytesTotal=731238 packetsIn=569 packetsOut=630 packetsTotal=1199 maxThroughput=144052 avgThroughput=3009 agent=“” Oct 31 14:53:36 SSLVPN: id=sslvpn sn=18B1694D3878 time=2023-10-31 14:53:36 vp_time=2023-10-31 14:53:36 fw= pri=5 m=2 c=2 src= dst=system.myhealth.com user=“sclark” user=“sclark” msg=“User logged out” active=1612 duration=1612 agent=“SonicWALL NetExtender for Windows 8.6.268 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1)”

I am getting logs to fluent but not to graylog

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.