Graylog Sidecar 1..5.2 - no messages in Graylog

Graylog Central (peer support)
1

Set up Graylog in Docker, able to log in and rsyslog → docker running perfectly
Set up sidecar on two systems. They show up in sidecars but no data is arriving in Graylog.

Debian 12
Graylog 6.0.5
Sidecar 1.5.0.2
Followed howto on the Graylog site

Nothing of note in the logs of the sidecars or Graylog

Able to send raw data to port 5044 using netcat

Tried several config changes, but nothing helped. Any idea what i’m doing wrong?

sidecar.yml

'# The URL to the Graylog server API.
server_url: “http://someip:9000/api/

'# The API token to use to authenticate against the Graylog server API.
'# This field is mandatory
server_api_token: “secret”

node_name: “box2”

update_interval: 10

tls_skip_verify: true

send_status: true

list_log_files:
- “/var/www/html/storage/logs”
- “/var/log”
- “/var/www/html/logs”
- “/var/log/nginx/”

2

Hey @phalessummit,

You’ve listed the the sidecar.yaml here and the sidecars show up within your Graylog instance which suggests everything from this perspective is working as it should.

The next step is to configure and assign a log collector to the running sidecar instances. This part of the docs should help get you there. Post back here is you hit more problems.

3

This part was the missing piece:

Ingest from Files (graylog.org)

1 Like
4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.