Get logs from inputs

Hi community,
I’m not able to get any log from Syslog UPD port 514 but from UDP RAW port 514.
does anyone know why?


Maybe the clients sending invalid syslog messages.

You can check if the input receives any data at all, e. g. using Wireshark or tcpdump.

I receive data from them. actually GL also but messages can’t be processed and after a few minutes I get high disk utilization error.

Why can’t they be processed?

is there any way to check that why? I can’t see anything in logs!

You could post the logs of your Graylog and Elasticsearch nodes.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.