Log analysis with Graylog


(amit) #1

Hi there,

As I am new to Graylog, I have installed Graylog and configured NXLog to send the client logs to the Graylog server,
and I am receiving them.

I wanted to know how I can analyze these logs for troubleshooting and alert purposes.

I have gone through a video on YouTube,
https://www.youtube.com/watch?v=0sjYnn2UGCw. It is too short a video. I am getting the following:

[image: Capture]

How can I enable this for analysis? Also, if there is any documentation, please let me know.

Thanks


(Tess) #2

Just checking: which version of Graylog did you install?

> I wanted to know how I can analyze these logs for troubleshooting and alert purposes.

Question is what you’d specifically want to do, search, analyze or see.

Compared to the other fields (like source, facility, sourcefile, etc.), the message field is something that’s harder to perform statistical analysis on. All other fields are pretty predictable when it comes to their contents (source = string or IP, facility = short string, timestamp = datetime); there’s no telling what the message field may contain. Could be a short string, could be a couple thousand characters 🙂

So, what are your goals?

And… have you read the Graylog documentation website? It offers some nice examples of queries and so on.

EDIT:
Of course, if you had Googled the particular message you would have probably already found a few answers (like this thread here). One of the things being that it seems that analysis of messages is disabled out of the box. And that’s probably because running those statistical things against the messages field is not always/often useful.

