Old Log firewall local

Hello to all,
i’am used graylog v3.1

I have 12GB old firewall log and I want to send into the graylog
What exactly should I do?
please guide me.

thanks in advance.

best regards.

read that file with filebeat and ingest or read it via script line by line and send via netcat … all possible.

hi jan

You answered very briefly
I don’t know exactly how to do it
Please guide further and more
Thank you::

1. Create new Input (Raw TCP). For example it will listen on 1.2.3.4:1234
2. Then just send content of your log to this destination.
   Basically you can do it by
   cat your.log | netcat 1.2.3.4 1234

Hiو
thank you for answering my question
Unfortunately I receive noth

01.png1376×678 22.3 KB

02.png1376×689 28 KB

03.png1376×695 30.3 KB

04.png1376×678 79.3 KB

@bahram you did something complete different from what @zoulja wrote …

hi jan
how to send content of your log to this destination ?

read the posting: Old Log firewall local

@zoulja has given a possible way.

hi jan
Unfortunately, I did not succeed
I really don’t know where the problem is
I want to do it through ُSidecar\filebeat \ input Raw/Plaintext inputs

01.png1376×678 18 KB

02.png1376×678 25 KB

03.png1376×678 33.9 KB

but filebeat and RAW Input does not work together.

When you use filebeat to read the log, you need a BEATS input that can communicate with the filebeat.

hi zoulja

I was finally able to send all the LOG to the Graylog
But I have only three filed (message, source , timestamp)
Why ?

Hi.
These are default fields.
If you want to parse log into specific fields, you need to configure Extractor, otherwise Graylog wouldn’t know what are your fields, how to name them, how to distinguish them and so on.
In Extractor you will explain Graylog “take first 8 digits and put them into Awww field, take next 2 characters and put them into Ouch field”, and so on

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.