Level=error msg="[UpdateRegistration] Failed to report collector status to server

(Vidya Kirthi) #1

Hi ,
I am not able to view the logs after configuring the collectors in graylog
I have configured sample beats input and output
collector and beats status show up and running in the graylog web

However i am not able to see the log output
Below is the error is see in the collector_sidecar logs

time=“2018-07-25T06:07:29-05:00” level=error msg="[RequestConfiguration] Fetching configuration failed: Get[“linux”%2C"apache"]: dial tcp getsockopt: connection refused"
time=“2018-07-25T06:07:29-05:00” level=error msg="[UpdateRegistration] Failed to report collector status to server: Put dial tcp

the packages version are below

filebeat -version
filebeat version 6.1.2 (amd64), libbeat 6.1.2

/usr/bin/graylog-collector-sidecar -version
Graylog Collector Sidecar version 0.1.6 (77045b2) [go1.9.3/amd64]

Graylog 2.4.6
Elastic search : 5.6.10

(Vidya Kirthi) #2

(Jan Doberstein) #3

What configuration did you create for the tags linux or apache in Graylog?

Is the error continuesly comming up? What exactyl is your problem?

(Vidya Kirthi) #4

Yes the error continuously comes up
I have the below configuration


update_interval: 10
tls_skip_verify: false
send_status: true
collector_id: file:/etc/graylog/collector-sidecar/collector-id
cache_path: /var/cache/graylog/collector-sidecar
log_path: /var/log/graylog/collector-sidecar
log_rotation_time: 86400
log_max_age: 604800
- linux
- apache
- name: nxlog
enabled: false
binary_path: /usr/bin/nxlog
configuration_path: /etc/graylog/collector-sidecar/generated/nxlog.conf
- name: filebeat
enabled: true
binary_path: /usr/bin/filebeat
configuration_path: /etc/graylog/collector-sidecar/generated/filebeat.yml

generated filebeat.xml:

  • encoding: plain
    exclude_files: []
    collector_node_id: prd-log01.lb.nl
    gl2_source_collector: 785cb392-8649-4e08-9f8b-f93411552509
    type: log
    ignore_older: 0
    • /var/log/*.log
      scan_frequency: 10s
      tail_files: true
      type: log
    • localhost:5044
      data: /var/cache/graylog/collector-sidecar/filebeat/data
      logs: /var/log/graylog/collector-sidecar
  • linux
  • apache

I have configured the apache tag in graylog web . created beats input and output .

ideally im supposed to view the logs in /var/log/*.log , which im not able to see in web .

Can you help me out on this

(Jan Doberstein) #5


is your Graylog REST API it is very unlikely that you can reach the BEAT Input on that host via


But that is how this is configured

(Vidya Kirthi) #6

I changed the beats localhost to IP address in the configuration and it worked . Thank you :slightly_smiling_face:

Could you please let me know how is it possible to configure multiple logs beat input/output .

For now i have configured for only 1 access log

(system) #7

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.