Issue with Syslog input UDP

Hi There,

Setting up logging from an Edge Router 4 to Graylog. I created a syslog input using UDP and port 514. I can see messages in and out in the top right (usually only 1) but no messages when I click show received.

I created another input using the same port but using raw/plain text and it works, but using raw/plain text just leaves me with a large message with no tags.

Is there anything I can do about this?

I am using Graylog (latest) in Docker.

On a side note, Graylog is awesome.

You need to create a syslog input to have messages already a little parsed - it might be that the time is not correct, or is missing some kind of timezone or similar.

That is now a Sherlock task to find out the reason. I do not have an Edge Router available to check how the messages are formatted.

Check your timezone setting; usually you don’t see any message because the timestamp is older than your selected timeframe (10 minutes). First try to select a bigger search interval (for example 8 hours) to see if there is any message. If so, change your root_timezone parameter correctly in /etc/graylog/server/server.conf and restart graylog. Hope it helps.
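
An added illustration of the effect described in the reply above (not part of the thread and not Graylog's own code): an RFC 3164 syslog timestamp has no year and no timezone, so a receiver that assumes the wrong zone stores the event hours off and a "last 10 minutes" search misses it. The sample line, the UTC-5 router offset, the fixed "now" and all function names are assumptions made for the example.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample: an RFC 3164 (BSD syslog) line. Its timestamp carries
# neither a year nor a timezone, so the receiver has to assume both.
SAMPLE = "<30>Mar  3 09:05:01 edgerouter dhcpd: DHCPACK on 192.0.2.50"

# Assumptions for the example: the router's clock runs on UTC-5 local time,
# and the search is executed at 14:06:00 UTC on the same day.
ROUTER_TZ = timezone(timedelta(hours=-5))
NOW = datetime(2024, 3, 3, 14, 6, 0, tzinfo=timezone.utc)


def parse_rfc3164_time(line, assumed_tz, year):
    """Interpret the line's timestamp under the timezone the receiver assumes."""
    header = line.split(">", 1)[1]            # drop the <PRI> prefix
    month, day, clock = header[:15].split()   # "Mmm dd hh:mm:ss" is 15 chars
    naive = datetime.strptime(f"{year} {month} {day} {clock}",
                              "%Y %b %d %H:%M:%S")
    return naive.replace(tzinfo=assumed_tz)


def in_search_window(event, now, minutes):
    """True if the event falls inside a relative 'last N minutes' search."""
    return now - timedelta(minutes=minutes) <= event <= now


def stored_skew(line, sender_tz, assumed_tz, year):
    """How far the stored time lands from the real time (positive = too old)."""
    return (parse_rfc3164_time(line, sender_tz, year)
            - parse_rfc3164_time(line, assumed_tz, year))


if __name__ == "__main__":
    right = parse_rfc3164_time(SAMPLE, ROUTER_TZ, NOW.year)
    wrong = parse_rfc3164_time(SAMPLE, timezone.utc, NOW.year)
    print("correct zone, last 10 min:", in_search_window(right, NOW, 10))
    print("assumed UTC,  last 10 min:", in_search_window(wrong, NOW, 10))
    print("assumed UTC,  last 8 h:   ", in_search_window(wrong, NOW, 480))
    print("skew:", stored_skew(SAMPLE, ROUTER_TZ, timezone.utc, NOW.year))
```

Widening the search window, as the reply suggests, is the quick check: if the message shows up several hours back, the offset between its stored time and the wall clock tells you which timezone assumption is wrong.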
