How to forward syslog messages stored on NFS location to graylog


#1

Hello,

I already have syslog server in my environment which keeps all syslog messages in NFS location.
My question is on “how to forward syslog messages stored on that NFS location to graylog” .

Thanks in advance


(Jochen) #2

You can use any log shipper, such as Filebeat, NXLOG, or Logstash, to read these files and send them to Graylog.

Also take a look at the Graylog Collector Sidecar: http://docs.graylog.org/en/2.3/pages/collector_sidecar.html


(xorloader41) #3

NXLOG is a good option. Try that


#4

Thanks! I used NXLOG to send these files to Graylog.

The only trouble I have is that forwarding works only if I select GELF TCP .
UDP is not working. What could be the reason?


#5

Just out of curiosity. Why is using TCP a problem? I find it works fine. You can configure NXLog to re-establish the connection on regular intervals, if you need that due to load balancing or some other reason.


(system) #6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.