we are using two EMC Unity Storage systems, I have configured both to send logs via syslog to Graylog. But I dont see the messages inside GL. Systems are in the same subnet, so there is no firewall which is filtering the traffic.
I tested Kiwi Syslog as another destination, here I see a lot of incoming messages every minute. So sending syslog messages does work.
I cant find any error in graylog-server logfile on the receiving host.
Then I run tcpdump on the GL system and I also see that syslog messages are received on the graylog server.
But I found that my Lookup Table for reverse DNS lookups is complaining about the hostname. So I disabled processing of this stream in the pipeline which uses this lookup table, but nothing changed.
ERROR [DnsLookupDataAdapter] Could not resolve [A] records for hostname [email@example.com]. Cause [[firstname.lastname@example.org] is an invalid hostname. Please supply a pure hostname (eg. api.graylog.com).]
Any advice how to find out why those messages are not visible in Graylog? May the malformed hostname cause this issue? In Kiwi Syslog I only see the IP of the sending device.
I have lot of other systems using Syslog and they all are working.
Graylog Free 3.3.2 on Centos 8