Hmail log monitoring to Graylog

Graylog Central (peer support)
1

Hi everyone:

Someone posted similar Q: Hmail Log Mointoring
But I couldn’t find the solution

Little about me:
I am new to Graylog ( I installed graylog yesterday and did alot of research for sending the hmailserver log to gray ( I wanted a way to send it from nxlog but I couldn’t find something which helped me in better understanding ( maybe thats only me )

So Help would be appreciated if someone can post the Input and also the nxlog -> with hmailserver log to send

Research:
I found this thing : https://github.com/breakandinspect/graylog

Hmailserver and I have no idea where/how to use it

Thank you.

2

He

you might want to read the getting started guide first: http://docs.graylog.org/en/2.5/pages/getting_started.html

If you have decided what shipper you want to use, you need to create the configuration for that shipper to pick up the log file and hand it over to Graylog.
You need on Graylog one Input that accept the messages from the shipper, in addition you need to normalize the log messages. That could be done by extractors or a processing pipeline.

Hope that his will give you enough input to continue.

3

Hi Jan-

Thank you. I configured the input for NX LOG and on the machine from which I want to send the logs I did installed NXLOG but I can’t find anything ( specifically for hmailserver so that I can add it to NXLOG which would send that to Graylog )

4

I do not know the product (hmail) - does it write a log file or does it write to windows event?

5

It does write log to a file

I attached a picture of that

6

please read the getting started guide how to ingest logfiles

7

Fixed Thank you :slight_smile:

8

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.