Nginx usage for port 514

Has anyone used Nginx for listening on port 514 and redirecting to port 8899? Do you have any recommended tutorials for this configuration? I have the below setup which is incorrect.

server {
listen 514;

location / {
    proxy_pass localhost:8899;
}

}

What kind of traffic you are trying to redirect?

I am trying to redirect SYSLOG traffic from port 514 (since Graylog does not like using that port) and forward to port 8899 where Graylog syslog input operates successfully.

Nginx is not proper tool for this.
You should consider to change destination port on you syslog clients nodes using configuration or via iptables
Only if that’s not possible - you can use iptables on graylog machine to redirect packets from 514 to 8899

Thank you @zoulja I will try persuade the client to change ports instead. Or I will look at iptables.

Hi

2 things, you make a HTTP redirect on 514 tcp.

2nd you should check nginx’s stream configuration for this task.

M

1 Like

Plenty of equipment (some software as well) doesn’t support output to other port than 514, so it could be an issue.
Iptables approach mentioned by @zoulja works well (although it can be tricky), try something like:
sudo iptables -t nat -A PREROUTING -p udp --dport 514 -j REDIRECT --to 8899

I setup a syslog-ng on the same box as the main GL server and send the logs to the GL input.
Works like a charm.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.