Not getting log in server and also not getting any error


(Pankaj Agrawal) #1

I want to use GrayLogs with NodeJS Application. I am using below package for that

I am using below Code, but I am not getting logs in my graylogs server also I am not getting any Error in Node Console.

logMsg = "Some Random String";
        let logger = new graylog2.graylog({
        servers: [
            { 'host': 'XXX.XXX.XXX.XXX', port: 12201 }
        ],
        // hostname: 'server.name', // the name of this host
                                 // (optional, default: os.hostname())
        facility: 'MyAPP',     // the facility for these log messages
                                 // (optional, default: "Node.js")
        bufferSize: 1350         // max UDP packet size, should never exceed the
                                 // MTU of your system (optional, default: 1400)
    });

    logger.log("info", logMsg);

Can someone please help me?

Here is the screenshot of my input

Capture


(Jan Doberstein) #2

did you checked if you are able to send a GELF message from the command line on the server where your node application is running?

You should check the path that a message will flow from your application to Graylog - this needs some Sherlock skills but this will solve your riddle.


(Pankaj Agrawal) #3

@jan

I have tried sending GELF Message and its coming in GrayLog Server.

Below is the screenshot for the same

i have used below command for that

echo ‘{“version”: “1.1”,“host”:“myhost.com”,“short_message”:“A CAQA message that helps you identify what is going on”,“full_message”:“Backtrace here\n\nmore stuff”,“level”:1,"_user_id":9001,"_some_info":“foo”,"_some_env_var":“bar”}’ | nc -w 1 XXX.XXX.XXX.XXX 12201

But when I added -u in nc command I didn’t get the log in Graylog Server.

echo ‘{“version”: “1.1”,“host”:“myhost.com”,“short_message”:“A CAQA message that helps you identify what is going on”,“full_message”:“Backtrace here\n\nmore stuff”,“level”:1,"_user_id":9001,"_some_info":“foo”,"_some_env_var":“bar”}’ | nc -u -w 1 XXX.XXX.XXX.XXX 12201

Also I didn’t get any error message after running that command.


(Jan Doberstein) #4

than you might have some error in your application log sending … or you did not send valid GELF messages. The Graylog server.log might help you a little with that.

are you sure that you have only the UDP input?


(Pankaj Agrawal) #5

Hi @jan

In my Gray Log server I have TCP Input also. Will it create any problem?
How I can use TCP in node side to send the log to GrayLog.


(Jan Doberstein) #6

you have one input TCP and one UDP of the same type (GELF) on the same port?

Did you open your Firewall for both, UDP and TCP? Did you have any related messages in your Graylog server.log?


(Pankaj Agrawal) #7

Hi @jan

We have both TCP and UDP Inputs on same port 12201.
And we have enabled the firewall. We are using AWS and that machine can accept the request from both.

Do we need to change the ports?


(Jan Doberstein) #8

maybe your AWS security group is only allowed for TCP and not UDP?


(Pankaj Agrawal) #9

Can we have both TCP and UDP on same Port?

I will check in AWS Security Group.


(Jan Doberstein) #10

Can we have both TCP and UDP on same Port?

sure


(Ark) #11

@pankajbansal enable tcp dump (use tcp command) on both ends and monitor for incoming packets on graylog server. If you see the packet coming on the graylog server that means your node js is sending the message but GL is not consuming it and if you don’t see the packets coming through something wrong at the source.

commands for tcp dump capture (change it accordingly for tcp). Also, try telnet from source machine.
tcpdump -n udp port 12201

Thanks,
Amey


(Pankaj Agrawal) #12

@jan & @ameyrk18

Thanks for all your help.
I am able to get the logs in graylog server by UDP. But I have heard that UDB packets are not guaranteed to reach on server. So we need to use TCP.

So I want to ask weather its needs any additional configuration to send the logs via TCP?


(Ark) #13

Create a new tcp inputs 12201 on the graylog and also change the sending protocol from down streams to tcp from udp


(system) #14

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.