Logs not showing in Graylog using nxlog agent

{
“from”: 0,
“size”: 150,
“query”: {
“bool”: {
“must”: [
{
“query_string”: {
“query”: “gl2_source_input:5dd397d5931ece05c558ce75”,
“fields”: ,
“use_dis_max”: true,
“tie_breaker”: 0,
“default_operator”: “or”,
“auto_generate_phrase_queries”: false,
“max_determinized_states”: 10000,
“allow_leading_wildcard”: false,
“enable_position_increments”: true,
“fuzziness”: “AUTO”,
“fuzzy_prefix_length”: 0,
“fuzzy_max_expansions”: 50,
“phrase_slop”: 0,
“escape”: false,
“split_on_whitespace”: true,
“boost”: 1
}
}
],
“filter”: [
{
“bool”: {
“must”: [
{
“range”: {
“timestamp”: {
“from”: “2019-10-20 07:46:16.167”,
“to”: “2019-11-19 07:46:16.167”,
“include_lower”: true,
“include_upper”: true,
“boost”: 1
}
}
}
],
“disable_coord”: false,
“adjust_pure_negative”: true,
“boost”: 1
}
}
],
“disable_coord”: false,
“adjust_pure_negative”: true,
“boost”: 1
}
},
“sort”: [
{
“timestamp”: {
“order”: “desc”
}
}
]
}

dear @ramana

it would have been very nice if you follow any kind of friendly social behaviour. You are new in this community and SHOUT into the room in a way that nobody will be able to help you.

What is your question (no the subject line is not for the question) - why do you have this question, why this might be a problem for you?

Dear Jan,
i have configured graylog server and i have installed nxlog agent in one of the windows client but unable to find the logs in Graylog server.

i have gone through multiple articles but no clue, while checking there is a difference between graylog server time and electric search time…

below is the nxlog.conf

Panic Soft
#NoFreeOnExit TRUE

define ROOT C:\Program Files (x86)\nxlog
define CERTDIR %ROOT%\cert
define CONFDIR %ROOT%\conf
define LOGDIR %ROOT%\data
define LOGFILE %LOGDIR%\nxlog.log
LogFile %LOGFILE%

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data

Module xm_syslog Module xm_charconv AutodetectCharsets iso8859-2, utf-8, utf-16, utf-32 Module xm_exec Module xm_fileop
# Check the size of our log file hourly, rotate if larger than 5MB
<Schedule>
    Every   1 hour
    Exec    if (file_exists('%LOGFILE%') and \
               (file_size('%LOGFILE%') >= 5M)) \
                file_cycle('%LOGFILE%', 8);
</Schedule>

# Rotate our log file every week on Sunday at midnight
<Schedule>
    When    @weekly
    Exec    if file_exists('%LOGFILE%') file_cycle('%LOGFILE%', 8);
</Schedule>
Module xm_gelf Module im_msvistalog ReadFromLast TRUE SavePos TRUE Query \ \ *\ *\ *\ \ Module om_udp Host 10.66.100.38 port 3514 OutputType GELF Path in => out

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.