Integrating Graylog GLEF with PHP and Perl

i want to integrate (Logging) graylog 3.0.2 from two different applications(API and reporting system), the first application written in PHP 7, and second application written in Perl.

i found GELF library for PHP and perl, but it only supports graylog2

Is there a GELF library for graylog 3.0.2 ? or should i replace graylog3 version with graylog2

did you have a reason that you ask the same question in all available ways ( Github, IRC and this community)?

I have written the answer in my comment closing the Github issue.

Thank You for your response Jan, i will submit similar issues to graylog community only.
when i tried to log data through below code:
curl -XPOST -p0 -d ‘{“short_message”:“Hello there”, “host”:“”, “facility”:“test”, “_foo”:“bar”}’
i got below message
curl: (56) Recv failure: Connection reset by peer
although i created GELF TCP input listen to
please note that the graylog is installed on docker machine (
Any advice please

you created a GELF TCP Input, but using the method to send GELF HTTP …

Just sort out the way of submitting data:

When you have a GELF TCP input, you need this:

echo -n -e '{ "version": "1.1", "host": "", "short_message": "A short message", "level": 5, "_some_info": "foo" }'"\0" | nc -w0 12201

i tried to execute below code(localhost), but i did not recieve any messages in graylog
echo -n -e ‘{ “version”: “1.1”, “host”: “localhost”, “short_message”: “A short message”, “level”: 5, “_some_info”: “foo” }’"\0" | nc -w0 localhost 12201

Also i tried to Run HTTP request :
curl -X POST -H ‘Content-Type: application/json’ -d ‘{ “version”: “1.1”, “host”: “”, “short_message”: “A short message”, “level”: 5, “_some_info”: “foo” }’ ‘
but i received below response
curl: (56) Recv failure: Connection reset by peer

Updae: after many tries, below http Request sucess

curl -X POST -H ‘Content-Type: application/json’ -d ‘{ “version”: “1.1”, “host”: “”, “short_message”: “A short message”, “level”: 5, “_some_info”: “foo” }’ ‘

when i made above request through graylog Gelf library(Gelf for Perl),
the connection refused, please check below request and response details,i really appreciate your help and advice

Request Details:
URL : ‘’;
Header [ ‘Content-Type’, ‘application/json’ ];
Request Details ‘{"_some_info":“foo”,“full_message”:“First Log Web”,“host”:“”,“level”:5,“short_message”:“Message Web1”,“timestamp”:1564438682,“timestr”:“2019-07-29 22:18:02”,“uuid”:“XXXX”,“version”:“1.1”}’;

Response Details:
{ ‘captured_req_headers’ => undef, ‘code’ => 500,
‘headers’ => bless( { ‘content-length’ => [ 121 ],
‘x-internal-response’ => [ 1 ] },
‘Furl::Headers’ ),
‘minor_version’ => 0,
‘captured_req_content’ => undef,
‘message’ => 'Internal Response: Failed to send HTTP request: Connection refused ',
‘content’ => 'Failed to send HTTP request: Connection refused ',
‘request_src’ => { ‘headers’ => [ ‘Content-Type’, ‘application/json’ ],
‘url’ => ‘’,
‘method’ => ‘POST’,
‘content’ => ‘{"_some_info":“foo”,“full_message”:“First Log Web”,
“host”:“”,“level”:5,“short_message”:“Message Web1”,“timestamp”:1564438806,
“timestr”:“2019-07-29 22:20:06”,
“uuid”:“XXXX”,“version”:“1.1”}’ } },
‘Furl::Response’ );

What kind of input did you use? (Graylog UI System > Inputs)

please google yourself what stands for and why that isn’t working from a remote host …

for the above i used HTTP GELF, currently i create diffrent input (TCP GELF, port 12201
below configurations for nginx config file:

server {

    listen       80;
    server_name  graylog;

    location /guacamole/ {  

    location /graylog/ {
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Graylog-Server-URL https://$server_name/graylog/api;
        proxy_pass       http://graylog:9000/;
    location /portainer/ {  


below code to docker compose file:

version: '2'
    image: jwilder/nginx-proxy
    container_name: nginx-proxy
                - "443:443"
                  - "80:80"


# MongoDB:
    image: mongo:3
  # Elasticsearch:
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
        soft: -1
        hard: -1
    mem_limit: 1g
  # Graylog:
    image: graylog/graylog:3.0
      # CHANGE ME (must be at least 16 characters)!
      - GRAYLOG_PASSWORD_SECRET=somepasswordpepper
      # Password: admin
      - GRAYLOG_ROOT_PASSWORD_SHA2=8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
      - mongodb:mongo
      - elasticsearch
      - mongodb
      - elasticsearch
      # Graylog web interface and REST API
      - 9000:9000
      # Syslog TCP
      - 1514:1514
      # Syslog UDP
      - 1514:1514/udp
      # GELF TCP
      - 12201:12201
      # GELF UDP
      - 12201:12201/udp    
      name: nginx-proxy

when i try to create log from other application(installed on the same docker compose ), i get below message :
Cannot create socket: Connection refused
any help please

Update : above issue is solved, i replaced host in graylog object created in PERL to graylog

@jan, thank you for your help

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.