Missing a host in “Source” Section, but is still receiving message through Syslog UDP Input.
Environment all in one server;
CentOS Linux release 7.4.1708 (Core)
I converted all my Windows/Linux Syslog UDP Input/s to GELF_TCP using TLS. All Windows/Linux host are using the latest NXLOG. As shown below is the Windows Input configuration;
Localhost (Graylog-Server) Input is configure as shown below;
My Security Device (firewall) Input is configure as follow;
My security device name is no long visible in the source section.
My Input for the security device, all the messages coming through in real time,
Example shown below;
This happened when I change my Input configuration for my localhost(Graylog-Server). Should I not use Gelf_TCP on localhost? If anyone has a suggestion I would really appreciate it.
Thank in advance