Has anyone used Nginx for listening on port 514 and redirecting to port 8899? Do you have any recommended tutorials for this configuration? I have the below setup which is incorrect.
I am trying to redirect SYSLOG traffic from port 514 (since Graylog does not like using that port) and forward to port 8899 where Graylog syslog input operates successfully.
Nginx is not proper tool for this.
You should consider to change destination port on you syslog clients nodes using configuration or via iptables
Only if that’s not possible - you can use iptables on graylog machine to redirect packets from 514 to 8899
Plenty of equipment (some software as well) doesn’t support output to other port than 514, so it could be an issue.
Iptables approach mentioned by @zoulja works well (although it can be tricky), try something like:
sudo iptables -t nat -A PREROUTING -p udp --dport 514 -j REDIRECT --to 8899