Hi, all:
Through Sidecar, I have send the linux log files to graylog. In the System->Sidecars ->Name(centos) -> Log Files. I can see many files,such as log folder, log files(which is xml) .
Could you please give me some advices? how to make the xml files display on the Graylog?
Thanks.
System->Inputs->Show received messages
"Nothing find ".
the Input, create step as follow:System->Inputs->GELF UDP->Launch new input->“Bind address” is “0.0.0.0”, "Port " is “12201”
Hi zoulja:
today I use filebeat, now graylog can received messages .Thanks.
other question, if can design the format of the log display?
Not sure I understand your question properly.
Can you provide some example?
Hi zoulja:
I want to make graylog message show storage audit logs.(which incule who and when do some opertaions on which file or folder) every log like this : 2019-10-14 14:20:03 11.11.11.11 cifs - 0 0 read file /test dd.txt - -17 2019-10-14 14:20:03 success
now the logs show in Messages , and I want to know can I change the messages’ navigation bar to time , client, protocol type,operation type, detail ?
Have you configured any Extractor?
It will parse/split message into separated fields
no , there are no any extractor .
Could you please give me some advice? or some example ?
Go to your Input, press “Manage extractors” and create some Extractor.
From my experience ‘Grok pattern’ type is the simplest one.
ok , i will try , thanks.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.