No Collectors to display

I created an input beat as described in the documentation, but no input messages:

bind_address: 0.0.0.0
no_beats_prefix: false
number_worker_threads: 4
override_source: <empty>
port: 5044
recv_buffer_size: 1048576
tcp_keepalive: false
tls_cert_file: <empty>
tls_client_auth: disabled
tls_client_auth_cert_file: <empty>
tls_enable: false
tls_key_file: <empty>
tls_key_password: ********

Are the tls parameters mandatory in this case? :thinking:

Yeah. What’s important here:

  1. The port. You should check what port Nxlog use for logs themselves (it’s not to be mixed with sidecar’s syncronization with Graylog!) and make sure that the same value’s in the input config;
  2. The parameters tls_cert_file and tls_key_file are mandatory if you want to send logs securely. They’re used by Graylog for establishing a secure connection.
  3. The parameters tls_client_auth and tls_client_auth_cert_file are optional. You’d need them if you wanted the clients to authenticate themselves additionally against Graylog.

To be noted that you shouldn’t mix the sidecar settings and the settings of the logs.

  1. The parameters in the sidecar config on the client (Nxlog) are used only for sync with the server.
  2. The parameters in the input and in the sidecar’s applied configuration setting in Graylog are used for logs.

ok, so the port used by nxlog not be the one set in the sidecar configuration? (12201? not working)

Ok, done.

Try using 12201 in the input settings and make sure, that:

Host Server_IP
Port 12201

UPD. Check in the input settings that TLS is enabled. Check in the sidecar config, that TLS is enabled. Maybe it’s needed to be turned on explicitely. For example, for winlogbeat it’d be:

output.logstash:
   hosts: ["server:5044"]
   ssl.enabled: true

How it’s for Nxlog I don’t know, so I’d consult the docs.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.