Hello,
I create my input to get logs from my Windows 10 machine :
When my Windows 10 send the logs, the server receive the packet :
But the Graylog server doesn’t get any logs, he don’t receive anything :
What is the problem ? can’t understand…
tyty
Try using a Raw/Plaintext UDP input instead of a Syslog UDP input.
What happens if you try to manually send a message to that input?
# echo "Test message" | nc -u SRV-LOG 5141
It worked !
Seems to work in the same machine but not on an external machine…
This is triggering me…
I try to wireshark when I send from the machine to server :
and with tcpdump, I see the packet…
Can it be a problem with rights on mongodb ?
Maybe my Windows can’t write in the db because he doesn’t have rights ?
how did you ingest the logs from Windows to Graylog? What transport did you use?
I think I found Something.
Maybe my port is open for the machine only ?
did you checked if any firewall is blocking the connection between the sender and the receiver?
No firewall between them, just a switch
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.