Graylog collector dont send any data

Matthieu · October 30, 2018, 10:46am

Hello, I have a problem with graylog collector sidecar.
I try to send logs from collector-sidecar with filebeat to Graylog but nothing is displayed on the web interface.
My URL of Graylog is : http://172.27.7.34:9000

Graylog version : 2.4.6
ElasticSearch version : 2.4.0
Collector-sidecar version : 0.1.6

2018-10-30_11h32_59

My file /etc/graylog/collector-sidecar/collector_sidecar.yml :

  server_url: http://172.27.7.34:9000/api/
    update_interval: 10
    tls_skip_verify: false
    send_status: true
    list_log_files:
    collector_id: file:/etc/graylog/collector-sidecar/collector-id
    cache_path: /var/cache/graylog/collector-sidecar
    log_path: /var/log/graylog/collector-sidecar
    log_rotation_time: 86400
    log_max_age: 604800
    tags:
        - linux
        - apache
    backends:
        - name: nxlog
          enabled: false
          binary_path: /usr/bin/nxlog
          configuration_path: /etc/graylog/collector-sidecar/generated/nxlog.conf
        - name: filebeat
          enabled: true
          binary_path: /usr/bin/filebeat
          configuration_path: /etc/graylog/collector-sidecar/generated/filebeat.yml

The log file of collector-sidecar :

time="2018-10-30T11:41:39+01:00" level=info msg="[filebeat] Configuration change detected, rewriting configuration file."
time="2018-10-30T11:41:39+01:00" level=info msg="[filebeat] Stopping"
time="2018-10-30T11:41:41+01:00" level=info msg="[filebeat] Starting (exec driver)"

The log of filebeat:

 > 2018-10-30T11:41:41+01:00 INFO Home path: [/usr/bin] Config path: [/usr/bin] Data path: [/var/cache/graylog/collector-sidecar/filebeat/data] Logs path: [/var/log/graylog/collector-sidecar]
>     2018-10-30T11:41:41+01:00 INFO Metrics logging every 30s
>     2018-10-30T11:41:41+01:00 INFO Beat UUID: 523e47ed-ab73-4020-9ccc-3e3983d9472a
>     2018-10-30T11:41:41+01:00 INFO Setup Beat: filebeat; Version: 6.1.2
>     2018-10-30T11:41:41+01:00 INFO Beat name: vl-d-0307
>     2018-10-30T11:41:41+01:00 ERR  Not loading modules. Module directory not found: /usr/bin/module
>     2018-10-30T11:41:41+01:00 INFO filebeat start running.
>     2018-10-30T11:41:41+01:00 INFO No registry file found under: /var/cache/graylog/collector-sidecar/filebeat/data/registry. Creating a new registry file.
>     2018-10-30T11:41:41+01:00 INFO Loading registrar data from /var/cache/graylog/collector-sidecar/filebeat/data/registry
>     2018-10-30T11:41:41+01:00 INFO States Loaded from registrar: 0
>     2018-10-30T11:41:41+01:00 WARN Filebeat is unable to load the Ingest Node pipelines for the configured modules because the Elasticsearch output is not configured/enabled. If you have already loaded the Ingest Node pipelines or are using Logstash pipelines, you can ignore this warning.
>     2018-10-30T11:41:41+01:00 INFO Loading Prospectors: 1
>     2018-10-30T11:41:41+01:00 INFO Starting Registrar
>     2018-10-30T11:41:41+01:00 INFO Starting prospector of type: log; ID: 13896357823230510981
>     2018-10-30T11:41:41+01:00 INFO Loading and starting Prospectors completed. Enabled prospectors: 1
>     2018-10-30T11:42:11+01:00 INFO Non-zero metrics in the last 30s: beat.info.uptime.ms=30003 beat.memstats.gc_next=4194304 beat.memstats.memory_alloc=1355728 beat.memstats.memory_total=3175384 filebeat.events.added=1 filebeat.events.done=1 filebeat.harvester.open_files=0 filebeat.harvester.running=0 libbeat.config.module.running=0 libbeat.output.type=logstash libbeat.pipeline.clients=1 libbeat.pipeline.events.active=0 libbeat.pipeline.events.filtered=1 libbeat.pipeline.events.total=1 registrar.states.current=1 registrar.states.update=1 registrar.writes=2

And the file generated :

filebeat:
prospectors:

encoding: plain
exclude_files:
fields:
collector_node_id: vl-d-0307
gl2_source_collector: c6ad1974-fdff-4044-8010-a13ff058dae4
type: log
ignore_older: 0
paths:

/var/log/test.log
scan_frequency: 10s
tail_files: true
type: log
output:
logstash:
hosts:

localhost:5044
path:
data: /var/cache/graylog/collector-sidecar/filebeat/data
logs: /var/log/graylog/collector-sidecar
tags:

linux

apache

If some one have an idea…

system · November 13, 2018, 10:46am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Collector sidecare not getting logs Graylog Central (peer support) sidecar , nxlog , filebeat-linux , nodatanx , nosendlogfblx	6	1657	April 18, 2018
Sending local log from Sidecar and Filebeat to Graylog Graylog Central (peer support) filebeat-linux	4	304	December 5, 2023
Graylog logs are not receiving log with filebeat Graylog Central (peer support) sidecar , filebeat-linux	4	697	May 9, 2023
Collector_sidecar failed to send data to Graylog application Graylog Central (peer support) sidecar , nxlog , filebeat-linux , nodatanx , send-csv-logsnx , nosendlogfblx	9	3494	December 28, 2017
Graylog backend not starting Graylog Central (peer support) sidecar , filebeat-linux , nosendlogfblx , failoadcongfigfblx	2	1236	March 28, 2018

Graylog collector dont send any data

Related Topics