Is there any tutorial available for Graylog2

Hi Guys,

I am a complete novice in Graylog2/ELK and wanted to learn it from a log management perspective. I went through the documents but nothing is clear as such. Like what is extractor/input/streams etc…

Can someone please help me with the basics or any documentation which can clear my basics?

Thanks and Regards,
Blason R

Did you check out the official documentation at

If so, what were you specifically missing?

Yeah, I went through that completely, but to be frank I am not getting a basic idea of where to start. I mean, I read all those docs, but again: what is Streams, how to create an input, what are extractors? That kind of tutorial is what I am looking for.

I would really appreciate it if someone can point me in the correct direction.

If you’re missing something crucial in the documentation, please file an issue at or contribute to the documentation yourself via pull requests.

This being said, did you read and “play through” the Getting Started Guide? Things like creating inputs and streams are described there.

I am 100% behind you on this one. Some simple diagrams showing how individual nodes and Graylog talk to each other would be nice. As well as some ‘sample’ conf files with all the fields filled in as per the sample diagram would help.

I know writing manuals and instructions sucks, have hated that part of my job for the entire 40 years doing this. That being said, have learned some tricks. The best one, for something like Graylog, is give the setup instructions to someone who knows computers, but does not know Graylog. Let them attempt a simple install following your instructions. If they can’t get it to work, the instructions need work. This can be done by the person creating the system, but almost always the person writing the system will use knowledge not explicitly put into the instructions.

Putting my money where my mouth is, if you would like, I will volunteer the test of the ‘guinea pig’ tester.

Hi @blason.

If you like, I can share with you the documentation I wrote for my company, detailing the installation and configuration of a GL Cluster with 3 nodes, and all its required components: Inputs, Outputs, Collector Sidecar, Indexes, etc.

Hi scampuza,

That would be awesome and I would really appreciate that. I am really seeking good docs which could at least clear out the basic concepts. You can mail me at

BTW just out of this topic - which one would you think is worth spending time to learn: ELK stack or Graylog2? And which one scales well in production?

It would be great if you contributed some parts of it to the official documentation:

Alternatively you can put it as a guide on the Graylog Marketplace.

That would be awesome you can eMail me at Would be great to see how you set everything up to make it work.

Can you send it to me too?

Hi All,

I am a new Systems Engineer at Graylog, and improving the “Getting Started” experience is one of my priorities.

As someone who knows SIEM and log management, but is new to the Graylog product, I have been going through the current docs and trying to fill in gaps I find.

@scampuza, if you would be willing to share, I would love to see your doc too. I could incorporate it into the final revision.


Chris, @bignjato, @GregoryWest, @jochen and @blason, this is the URL where you can download the PDF. I really put too much time and effort to create a readable document for everyone. Let me know what you think!!

Thanks much @scampuza!

I can also share my experiences with you. Like you I’m also totally new in this matter and I am collecting logs and analysing them to rapidly be informed of what's going on with my infrastructure.

I would love to see real logs being used in examples. For example rather than just giving the syntax, give the syntax, a log, and then an example of the pipeline/stream configured using the provided example log.


@jochen @blason @bignjato … Sorry guys… I just realized that the manual I shared with you was an end user guide, not the Installation Guide… This is the right link!

Thanks a ton man!! Really appreciate the effort :)
