Forward logfile to graylog

mcoussi · October 13, 2022, 12:39pm

Hi,

I have a linux server and i forward the system logs to a graylog server.

But i have a log from a backup process created in /tmp/backup.log.

How can i forward this logfile to graylog ?

Thanks for your help,

Matt

mcoussi · October 13, 2022, 12:56pm

Hi,

I have follow this article [DBMentors - Inam Bukhari's Blog: Configure Rsyslog with Any Log File] and now my logfile is send to graylog and i see the trace.

But how can i say to rsyslog to take the first column of the trace file to get the time date ?

Here line of trace file :

2022/10/13-14:46:17 database sauvegarde: debut_script: debut - lancement script de sauvegarde
2022/10/13-14:46:17 database sauvegarde: arguments: database name : DATABASE
2022/10/13-14:46:17 database sauvegarde: arguments: catalogue RMAN: RMAN
2022/10/13-14:46:17 database sauvegarde: arguments: backup type : level_0
2022/10/13-14:46:17 database sauvegarde: arguments: purge ArchiveLog : 0

Thanks for your help,

Matt

gsmith · October 13, 2022, 9:31pm

Hello @mcoussi

I had to do this a couple times. Most, if not all log shippers place a bit on log file so it knows where the knew logs start. I’m not sure if beat shippers can do this but when I test configuration from forum this is how i upload those files.

In Nxlog you create a INPUT

<Input old_log_file>
  Module   im_file
  File    "C:\some\path\to\old\file\greg_labtop.log"
  SavePos TRUE //This saves the Posistion after NXLog restarts or starts. Set to FALSE to scan all of the Log file. When done sending set it back if need be.
  ReadFromLast TRUE //If ReadFromLast is FALSE, the module will read all logs from the file. .
  PollInterval 1
</Input>

Don’t forget to set the Output and Route.

<Route >
    Path   old_log_file=> out
</Route>

When you execute

root # systemctl restart nxlog

It will grab all the logs on that file/s.

Example I used your logs from above.

As for

Perhaps the Timestamp in the picture above is what you want?

mcoussi · October 21, 2022, 1:48pm

Hi,

I have resolved my problem with the logger command in my backup script to write in local syslog of server and forward it to Graylog.

logger -t mysql-${OPE_DB_NAME,,}-backup "${OPE_FONCTION^h}: ${OPE_STDOUT}"

Thanks for your time and your help,

Matt

system · November 4, 2022, 1:49pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to forward syslog messages stored on NFS location to graylog Graylog Central (peer support)	5	1420	September 23, 2017
How to show logs coming from a specific file on graylog? Graylog Central (peer support)	3	2325	July 8, 2017
Forward proftpd and sftp logs to graylog server Graylog Central (peer support)	2	642	September 25, 2021
Selecting wich log to send using rsyslog Graylog Central (peer support)	1	495	March 29, 2018
NXlog rsyslog template Graylog Central (peer support)	2	1437	November 13, 2017

Forward logfile to graylog

Related Topics