I just got back to redesigning how my logging is set up and decided to use my Docker skills to build out everything. I used the Graylog documentation site as a guide, but had to customize a couple of options for my environment, one being adding custom bind volumes mounted to my RAID drives.
I'm running the latest Docker, with separate linked containers for Elasticsearch, MongoDB, and Graylog v4.02. I imported a content pack for my firewall that I made as a backup of the work I put in before. Everything imports, but neither my GeoIP Lookup Tables, Cache, etc. nor my Pipeline rules seem to be catching any of the logs as they hit my Input.
Is there some magic way to reconnect the pieces or debug them to see why the logs are not passing through as they should?