Installation and Graylog Client Configuration

1: successfully installed Graylog on centos7 platform where i can access graylog Dashboard.

2: But unable to add my 4 remote server which is based on Linux but hosted at different data center so please suggest me how can i do it, i already did below steps:

added this /etc/rsyslog.d/90-graylog2.conf with below content

$template GRAYLOGRFC5424,"%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msg%\n"
*.* @13.228.147.140:1514;GRAYLOGRFC5424

also restart rsyslog service and allow the necessary port from IPTABLES.

please advise.

Thanks,
Sandeep
9540314440

What type of input have you created in Graylog?
What’s the complete configuration of that input?
Is 13.228.147.140 the correct IP address and 1514/udp the correct port of the input you’ve created in Graylog?

Hi,

Thanks for your quick reply.

yes i added below lines in my remote server at this path vim /etc/rsyslog.d/90-graylog2.conf

$template GRAYLOGRFC5424,"%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msg%\n"
. @13.228.147.140:1514;GRAYLOGRFC5424

and following below steps to add this client machine on my Graylog:

1: Browsing this IP address 13.228.147.140:9000 (user name admin and Password is ****)
2: Here i selected system/Inputs —> Inputs after that i am getting this screen (for reference please find img1.png, img2.png, img3.png and img4.png)

but it giving me an error, so please advise.

Thanks,
Sandeep Singh
+91-9540314440

There are no screenshots in this post.

Do you think it would be useful to share details about the error? :thinking:

Can you please reply ?

I’ve already replied. Unfortunately you’ve withheld any information which might lead to a solution of the problem.

Input Type: Global
Bind Address: 101.53.131.102
Port Number: 514
rest info are pre-filled information.

i pointed Graylog Server Public IP address (13.22.147.140) at this domain name sandeepsingh.org:9000

but it is not accepting to add under input.

Thanks,
Sandeep

You’re using port 1514 in your rsyslog configuration.

no i changed it with port number 514.
Also i can send log to from graylog client (logger -i “Message Log”) to graylogserver under /var/log/message.

Hi Jochen,

Please let me know if you need any other information to resolve my issue.

Thanks,
Sandeep

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.