I am upgrading to Graylog 3 from version 2 and I am trying to figure out how best to manage the NXLog agent configurations. At the moment, I am using the Collector Sidecar on the server to manage NXLog, with tags configured on each client node. The node tag configuration is automated with Puppet. This approach no longer works with Graylog 3 and has to change.
This discussion is quite helpful:
It suggests there are two options:
- don’t use the new Sidecar and manage NXLog on each node directly with Puppet
- use Puppet to manage the Sidecar using the API
Which of these approaches is better? Is there any advantage to using the Sidecar? Am I missing out if I don’t use it?