Description of your problem
I just configured graylog today based on documentation here:
graylog/en/3.3/pages/installation/os/centos.html
I am running Graylog server on Centos 8.
I have been able to get the graylog server up and running on private IP ( AWS setup ).
I am able to login to the dashboard just fine.
I am trying to send varnish logs from my remote node to graylog server using filebeats.
Configuration seems to be fine. I can see the remote node listed.
Clicking on the node, I can see info about it and all logs.
I am also able to see the log file size change in real time.
I am using filebeats config
Here is my filebeats conf
Needed for Graylog
fields_under_root: true
fields.collector_node_id: ${sidecar.nodeName}
fields.gl2_source_collector: ${sidecar.nodeId}
filebeat.inputs:
- input_type: log
paths:- “/var/log/varnish/*”
type: log
output.logstash:
hosts: - 10.0.3.12:5044
path:
data: /var/lib/graylog-sidecar/collectors/filebeat/data
logs: /var/lib/graylog-sidecar/collectors/filebeat/log
- “/var/log/varnish/*”
The collector is shown as running.
On my remote node, I have the following config.
server_url: “http://10.0.3.12:9000/api/”
server_api_token: **
update_interval: 10
tls_skip_verify: false
send_status: true
list_log_files: ["/var/log/varnish"]
cache_path: “/var/cache/graylog-sidecar”
log_rotate_max_file_size: “10MiB”
log_rotate_keep_files: 10
However, no messages/logs are collected or shown in graylog.
Could someone help out ?
Description of steps you’ve taken to attempt to solve the issue
Environmental information
Operating system information
- CentOS
Package versions
- Graylog v3.3.14+13e45b7
- MongoDB db version v4.2.15
- Elasticsearch 6.8.18
