How to make sure that the logs are sent in Graylog by TCP

I want to check whether the log message was sent to Graylog by TCP or not. If not, I want to receive an exception with information (“timeout exception” or something similar).

I use Graylog 4.1.0 (on Ubuntu 20.04) with Serilog (2.10.0) [NuGet], Serilog.Sinks.Graylog (2.2.2) [NuGet] and .NET Core 2.1.

    public class LogHandler : ILogHandler
    {
        private readonly Serilog.ILogger _logger;

        public LogHandler(Serilog.ILogger logger)
        {
            _logger = logger;
        }

        public void Handle(LogMessage logMessageModel)
        {
            // Need to check the result of this action, OR catch an exception if the action finished with an error.
            // I tried to disconnect the server with Graylog, but there were no exceptions or errors.
            // Information() returns void, so there is no return value to assign or inspect.
            _logger.Information(logMessageModel.MessageText);
        }
    }

Hello && Welcome

Correct me if I’m wrong, but there are a couple of ways to find out if logs were sent to Graylog using TCP. Since TCP is a three-way handshake, you can do the following.

  • Use Wireshark or something similar
  • Depending on how you shipped the logs, you can check the log files on your remote device. For example, with Nxlog you can see in the log file whether the connection was returned or there was no connection at all.
  • Use tcpdump

Example of tcpdump.

    graylog.domain.com.9922 > gsmith.domain.com.57372: Flags [P.], cksum 0x2463 (incorrect -> 0x60d7), seq 2418992:2419552, ack 1441, win 2413, length 560
    18:31:05.295073 IP (tos 0x10, ttl 64, id 46944, offset 0, flags [DF], proto TCP (6), length 600)

This is an example of an Nxlog log file using GELF TCP/TLS.

    2021-09-21 17:55:18 INFO connecting to graylog.domain.com:5140
    2021-09-21 17:55:18 INFO nxlog-ce-2.10.2102 started
    2021-09-21 17:55:19 INFO successfully connected to graylog.domain.com:5140

If Graylog is set up with a UDP input and your remote device is configured for TCP, then the remote device should drop the connection since Graylog will not send an ACK packet. This is vice versa with Graylog.
Also, to help you get a better response in the community, have a look at this post.

Hope that helps.
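
The handshake check described in the reply can also be done from the application side. The C# probe below is an added example, not code from this thread and not part of Serilog or Graylog: it opens a TCP connection with a timeout, writes one null-terminated GELF message, and throws if the input cannot be reached. The class name, host, port 12201, the timeout and the message content are assumed values, and it assumes a plain (non-TLS) GELF TCP input.

```csharp
using System;
using System.IO;
using System.Net.Sockets;
using System.Text;
using System.Threading.Tasks;

// Added example. GraylogTcpProbe is a hypothetical helper name.
public static class GraylogTcpProbe
{
    // Throws TimeoutException if the TCP handshake does not complete in time,
    // and SocketException / IOException if the connection is refused or reset.
    public static async Task SendTestMessageAsync(string host, int port, TimeSpan timeout)
    {
        using (var client = new TcpClient())
        {
            Task connect = client.ConnectAsync(host, port);
            if (await Task.WhenAny(connect, Task.Delay(timeout)) != connect)
                throw new TimeoutException(
                    $"No TCP connection to {host}:{port} within {timeout.TotalSeconds}s");
            await connect; // rethrows SocketException, e.g. connection refused

            // Constructed GELF 1.1 payload. GELF over TCP delimits messages with a null byte.
            const string gelf =
                "{\"version\":\"1.1\",\"host\":\"probe\",\"short_message\":\"connectivity check\",\"level\":6}";
            byte[] frame = Encoding.UTF8.GetBytes(gelf + "\0");

            NetworkStream stream = client.GetStream();
            await stream.WriteAsync(frame, 0, frame.Length);
            await stream.FlushAsync();
        }
    }

    public static void Main()
    {
        try
        {
            // Placeholder host and port; use the address of your own GELF TCP input.
            SendTestMessageAsync("graylog.domain.com", 12201, TimeSpan.FromSeconds(5))
                .GetAwaiter().GetResult();
            Console.WriteLine("TCP connection established and test message written");
        }
        catch (Exception ex) when (ex is TimeoutException || ex is SocketException || ex is IOException)
        {
            Console.Error.WriteLine($"Graylog input unreachable: {ex.GetType().Name}: {ex.Message}");
        }
    }
}
```

A successful write only shows that the connection was established and the local TCP stack accepted the bytes; GELF over TCP has no application-level acknowledgement. Confirming that the message actually arrived still means searching for it in Graylog or watching the traffic with tcpdump as shown above.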
