How to use Graylog to view logs from multiple machines [Mainly Windows]

Hey guys -

Very new to Graylog here. Recently got it set up to receive Syslog input from my main firewall, and installed the sidecar to start receiving logs as well.

The part I’m having trouble understanding is: how should it be set up if you have multiple Windows servers, and would like to send the logs to the Graylog server? Will I need multiple sidecars for each server, or does the sidecar act as a centralized log collector? If so, what’s the right way to configure the sidecar and the separate servers to send their logs to the sidecar?

Any help would be greatly appreciated!

Thanks.

Please read the docs, how sidecar works:



Sidecar is only a configuration manager, which deploys configurations for collector agents like beat (filebeat, winlogbeat), nxlog, etc. So you need to install sidecar on every Windows server.
