I want to separate logs

Hello

I want to separate logs. For example Centos comes in 7 separate Ubuntu 16.04 separate logs. Can I separate them according to the system?

Yes, that’s possible if you have some attribute/message field which contains the operating system being used.

It should be easy to use (at least) two different inputs in Graylog, one for each type of operating system, and add a static field to the received messages.

So I have to open a separate service for each operating system?

That’s one possibility.

In the end it all depends on how you send the logs and if they contain any usable information about the operating system. If they don’t, you have to work around this shortcoming.