Seeing Active Connections : 1 (but no data)

Hello, new to graylog3 and trying to get the logs sent from Ubuntu16 to my graylog3 box. I see (in screenshot below) traffic seems to randomly reach the graylog box but I’m not sure, I don’t see anything when I click on the show received messages button. I see only a spinning waiting indicator.

Setup:
Graylog:Ubuntu 16.04
ip: 10.23.20.242
Server setup with Input on 1514 via TCP (and UDP)
1514/tcp open unknown (from remote)

graylog_input.png2218×882 112 KB

Remote Server: Ubuntu 16.04
Send logs over TCP Port 1514 to -> Server which has TCP input 1514
1514/tcp filtered unknown (from graylog)

Added to 50-default.conf :
. @@10.23.20.242:1514;RSYSLOG_SyslogProtocol23Format
. @10.23.20.242:1514;RSYSLOG_SyslogProtocol23Format

Am I missing something ? This doesn’t seem to be working right. Help!

did the server actually prodice log messages?

No it doesn’t seem to be , I just see some data and that it’s connected but nothing seems to be happening …

So Sherlock - now the fun begins.

Start investigate where the connection has issues.

What did you have done and what did you find out?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.