Send log data by API in Graylog


#1

Hi,

I need to send data/logs by API from a (Linux) monitoring server.

I did not find a Graylog API to achieve this in the Graylog documentation.
“Inputs” are data sources, but what I really want to do is push log data to Graylog.

However, there is an Elasticsearch API to achieve this:
curl -X POST http://myserver:9200/idx_name/type_name -H 'cache-control: no-cache' -H 'content-type: application/json' -d '@'./output.json

Elasticsearch then responds something pretty optimistic:
{"_index":"idx_name","_type":"type_name","_id":"AWSUOuGL_gV_qsok9N3w","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"created":true}

However I don’t find my log when searching in the stream in Graylog.

So my questions are:

  • Is there a Graylog API to push log data?
  • Is it (or NOT) recommended to use the Elasticsearch API (and therefore bypass Graylog)?

Thanks,

Guillaume


(Jochen) #2

Yes. It’s called inputs. :wink:

Using a GELF HTTP probably brings you closest to what you want to achieve (if you really want to use HTTP as a transport protocol).
See http://docs.graylog.org/en/2.4/pages/gelf.html#sending-gelf-messages-via-http-using-curl for some examples.

No, that’s neither recommended nor is it easily possible.
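
An added example, not part of the original thread and not Graylog's own code: building a GELF 1.1 message from a monitoring event and posting it to a GELF HTTP input, which is the route suggested above. The URL, host name and field names are placeholders chosen for illustration; the function names are hypothetical.

```python
import json
import re
import socket
import time
import urllib.request

# Assumption: a GELF HTTP input listening on port 12201; the host name is a placeholder.
GELF_URL = "http://graylog.example.org:12201/gelf"
FIELD_NAME = re.compile(r"[\w.\-]+", re.ASCII)  # characters GELF allows in field names


def build_gelf(short_message, level=6, host=None, timestamp=None, **extra):
    """Return one GELF 1.1 message as UTF-8 encoded JSON bytes."""
    if not short_message:
        raise ValueError("GELF requires a non-empty short_message")
    msg = {
        "version": "1.1",
        "host": host or socket.gethostname(),
        "short_message": short_message,
        "timestamp": time.time() if timestamp is None else timestamp,
        "level": level,  # syslog severity: 0 (emergency) to 7 (debug)
    }
    for key, value in extra.items():
        # "_id" is reserved by GELF, and odd characters in names are rejected up front.
        if key == "id" or not FIELD_NAME.fullmatch(key):
            raise ValueError(f"invalid additional field name: {key!r}")
        # Additional fields get a leading underscore; numbers stay numeric,
        # everything else is sent as a string.
        msg["_" + key] = value if type(value) in (int, float) else str(value)
    # json.dumps escapes quotes and control characters in the log text, so a
    # crafted log line cannot add or overwrite fields in the JSON document.
    return json.dumps(msg).encode("utf-8")


def send_gelf(payload, url=GELF_URL, timeout=5):
    """POST one message; the GELF HTTP input replies 202 when it accepts it."""
    req = urllib.request.Request(
        url, data=payload, method="POST",
        headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.status == 202


if __name__ == "__main__":
    # Constructed sample event from a monitoring check.
    body = build_gelf('disk "/var" at 91%', level=4, host="monitor01",
                      check="disk", usage_pct=91)
    print(body.decode())
    # send_gelf(body)  # enable once GELF_URL points at a real input
```

Messages sent this way pass through Graylog's own processing, so they show up in stream searches, unlike documents written straight into Elasticsearch.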


#3

Hi Jochen.

Thanks a lot, it does what is needed!

