Forward CentOS 7 logs to graylog server


(simple cartoon) #1

** NVM was able to figure it out. Does not have RSYSLOG_SyslogProtocol23Format on my Server2

It appears this question is addressed numerous times,However i am unable to solve the issue. Not sure what i am doing wrong

I have GrayLog Server as Server 1 and I have Reverse Proxy as Server 2. Server 2 has Haproxy installed on it(HaProxy is writing to rsyslog) Both of them are Centos7 machines with selinux enforced and are not part of the domain.

GrayLog server is up and running without any issues. I have an input stream listening on port 7800 to accept and rsyslog via UDP packets. 7800 port is opened through firewall. rsyslog from local machines are forwarded to graylog and they are just working fine.
I am trying to have rsyslog from Server2 available on GrayLog server. I am trying to forward via port 7800 and they does not appear on GrayLog server.

Config files
on Server2

$ModLoad imudp
$UDPServerRun 514
#At the end of the file i have
*.*  @10.0.3.212:7800;RSYSLOG_SyslogProtocol23Format

Config files
on GrayLog Server

$ModLoad imudp
$UDPServerRun 514
#At the end of the file i have
*.*  @127.0.0.1:7800;RSYSLOG_SyslogProtocol23Format

(Jochen) #2

FWIW, you don’t need to run a syslog server other than Graylog on any of the systems (see UDPServerRun in your rsyslog configuration).

Additionally, I’d like to point you to the syslog configuration guide for Graylog:


(system) #3

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.