Here the deal , installed graylog a couple days ago.Planned to log all messages from switch that we have in production.The problem is that graylog only logs level 6 messages and no other level message.
I am neewbee so i don’t know that much about graylog.
specs: ubuntu 22.04 graylog 4.3.15 elasticsearch7.10.2 mongodb6.0.13
thanks!
What are you sending to graylog via syslog and how is that configured to send?
My initial thought is that this sounds like the syslog level on the source device needs to be changed. If you are getting any messages logged in graylog this indicates graylog is working as intended.
Also, if you can, I recommend upgrading to a newer version of graylog as 4.3 no longer supported.
I am logging aruba switch.
logging ip-address udp port 1514 severity debug(so that it sends all logs to graylog)
So i should just upgrade graylog to newer version ?
Can’t hurt just to rule it out.
Another thing you may check is the server.log (usually /var/log/graylog-server/server.log) for any errors.
On some devices Log Level Debug could be a problem, like using UDP which is also not without problems sometimes.
took your advice and did a complete makeover graylog 5.2 opeansearch 2.5.0 mongod5.0.24 and still get the same problem 
log file is like a mile long,any specific error…
and funny this is it logs commands when a do ssh to switch that are also level 6 but no other level