I’ve seen a few other posts similar to this, however, they seem to be zeroing in on other issues that don’t seem to relate here, so I’m posting a new request for input.
About a month ago, I used the OVA to setup a quick graylog server to try out nzyme. It worked great. Today, I wanted to set the same thing up in a new environment, so I downloaded the new OVA, brought it up as I have before (per documentation). I logged in, confirmed it was working. As expected, this is stock/out-of-the-box, and its working (I can see events from the default inputs.) Then I added a single GELF TCP input, and pointed my source at it. Right away, I could see the messages were coming in and being processed, but I cannot see them in the search (even when searching "all messages.)
I’ve confirmed that the graylog host vm, graylog server, and source are all set to the same timezone, and the times of the two devices match. Since I’ve added no other customization, I’m stumped. I see no errors in the /var/log/graylog/*/current logs, and the logs seem to indicate everything is healthy. What’s strange is that this same setup worked great a month ago at home with the exact same GELF TCP source (nzyme sensor).
Any ideas of what might be wrong, and where I could look to troubleshoot further?
Thanks for any ideas or help.
