Hi I would like to check with you my conf, because I am not sure of the differents options. I have : a Syslog input with TLS disabled a NGINX reverse proxy a linux server with rsyslog Everything seems to work fine, but when I first tried some logs were not recieved by graylog. After deactivated…

Syslog TCP SSL input with NGINX reverse proxy

gsmith (GSmith) December 21, 2023, 5:34am 4

Did you try TCPDUMP on graylog server see if you can see the remote client?

Your are send syslog TCP with Nginx proxy using certificates for port 10516 with listen 10.10.10.1:10516 ssl. this would be TCP/TLS.
If this is correct then the INPUT should reflect with those certs I do believe. Troubleshooting would be is to disable your SSL and tried it with just

listen 10.10.10.1:10516;

Also one of our cummunity members posted this,

Topic		Replies	Views
GrayLog Nginx Reverse Proxy Https Graylog Central (peer support)	9	5343	May 1, 2020
TLS for an Input Graylog Central (peer support)	3	814	May 25, 2024
Securing inputs Graylog Central (peer support)	7	3204	April 15, 2022
Server currently unavailable \ Nginx Reverse Proxy Graylog Central (peer support)	1	566	May 5, 2020
Syslog Input Problem with other Clients and Questions Graylog Central (peer support)	2	302	January 25, 2021

Syslog TCP SSL input with NGINX reverse proxy

Related topics