Graylog 3 Sidecar Config Management

I am upgrading to Graylog 3 from version 2 and I am trying to figure out how best to manage the NXLog agent configurations. At the moment, I am using the Collector Sidecar on the server to manage NXLog, with tags configured on each client node. The node tag configuration is automated with Puppet. This approach no longer works with Graylog 3 and has to change.

This discussion is quite helpful:

It suggests there are two options:

• don’t use the new Sidecar and manage NXLog on each node directly with Puppet
• use Puppet to manage the Sidecar using the API

Which of these approaches is better? Is there any advantage to using the Sidecar? Am I missing out if I don’t use it?

Which of these approaches is better? Is there any advantage to using the Sidecar? Am I missing out if I don’t use it?

No ‘better’ way - just a different. If you already have config management, use that. Because it will be one moving part less in your setup.

Thanks for getting back to me. Is it correct to say that the Sidecar is really an alternative to managing FileBeats/NXLog with Puppet/Chef/Ansible?

it is - but also the ability to manage all kind of collectors. like osquery, rsyslog or similar.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.