Hello lovely community!
Having a bit of trouble with a Graylog installation on Azure.
Its running ok - I can log in, specify inputs etc.
I use nginx to proxy the ports on the front interface (due to the way that Azure exposes its Its).
So i have nginx forwarding port 80 to 9000, and then have an input which routes 12200 to 12201.
NXlog is sending messages, but for every message I get the following:
INFO connecting to <myserver>:12200 ERROR om_tcp received data from remote end (got 100 bytes) ERROR last message repeated 2 times ERROR om_tcp received data from remote end (got 43 bytes) INFO reconnecting in 1 seconds ERROR om_tcp detected a connection error; End of file found
So its getting through the nginx proxy, but the connection is being terminated by the server.
I used curl to try and connect to the 12200 port to see if it was forwarding, and the server.log of graylog had error lines all over it - so its clearly getting to the graylog server.
Any ideas why it would create an end of file??
Heres some config.
<Output 5a66385c7c6291c4ddec3484> Module om_tcp Host <mysever> Port 12200 OutputType GELF_TCP Exec $short_message = $raw_event; # Avoids truncation of the short_message field. Exec $gl2_source_collector = '331bd8e3-435d-42d5-87bc-fb83fbd36fa9'; Exec $collector_node_id = 'gra-001'; Exec $Hostname = hostname_fqdn(); </Output>
Any help at all is greatly appreciated!