Raw input logfiles


(Niall Quinn) #1

Hi,

I wish to grep the raw logs for all of my data inputs. In which directory are these logs located?

Thanks,
Niall


(Tess) #2

I’m sorry, but your question is completely open for interpretation. Thus I don’t understand what you’re actually looking for. Could you please elaborate on your use-case and your question?

For example, do you mean the logs of the inputs on Graylog-side? Or do you mean something completely different?


(Niall Quinn) #3

Hi,

yes on the greylog server itself which is running on Centos 7.

I have an input from a Cisco device, which i can clearly see logs for in Greylog GUI. However I wish to grep etc. on the Greylog backend as the Greylog server GUI is not ideal.

What is the centralized directory for the logs?

Thanks,


(Ben van Staveren) #4

There is no directory with log files. You will want to connect to your Elasticsearch backend and execute the search there. But then again that’s exactly what the GUI is doing.


(Tess) #5

Bingo. What Ben said :slight_smile: The whole point of Graylog is to centrally aggregate your logfiles into one huge data lake; in this case ElasticSearch. So you’ll need to query through Elastic, i.e. the Graylog GUI.

So let’s try this another way :slight_smile: What kind of queries are you trying to run and what issues are you running into? Maybe we can help.


#6

same topic:
https://community.graylog.org/t/where-save-log-files/7902


(Tess) #7

Yup. Same question, different OP.