Get logs from inputs


(Nimol) #1

Hi community,
I’m not able to get any log from Syslog UPD port 514 but from UDP RAW port 514.
does anyone know why?

Thanks


(Jochen) #2

Maybe the clients sending invalid syslog messages.

You can check if the input receives any data at all, e. g. using Wireshark or tcpdump.


(Nimol) #3

I receive data from them. actually GL also but messages can’t be processed and after a few minutes I get high disk utilization error.


(Jochen) #4

Why can’t they be processed?


(Nimol) #5

is there any way to check that why? I can’t see anything in logs!


(Jochen) #6

You could post the logs of your Graylog and Elasticsearch nodes.

http://docs.graylog.org/en/2.3/pages/configuration/file_location.html


(system) #7

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.