Hi.
I have problem with Graylog and Sophos UTM logs.
My Graylog version: v2.0.3
Sophos: UTM 9.
I configure syslog on Sophos and Graylog receive logs from Sophos.
When I click show received messages, I do’t see any messages.
I only see: “Nothing found”
I try to import extractor “Graylog Sophos UTM 9 Extractors”, but doesn’t work.
What can I do to resolve this problem?
Thanks in advance for any help.
I ran into a similar situation with a different source of logs. Turned out that I was expecting TCP data when it actually came over UDP. I figured it out by doing a packet capture on the Graylog server listening for any traffic that originated from the IP that was sending logs.
Best of luck!
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.