Questions tagged [Graylog] (9)

1 answer

Why does the Docker container not send logs?

Good day, this problem occurs. Lift on the server the container that needs to send logs to Graylog. The last great sees the connection but had not received the logs, what can you do? docker_container: name: "{{ container_name }}" image: "{{ container_image }}" state: "{{ container_state | default('started') }}" log_driv...
Enrico.Jacobi asked April 4th 20 at 14:18
0 answers

Why does Graylog2 not see the logs from Windows when using WinLogBeat, NXLog?

In fact, the details of the question. Set GrayLog using 2.5 .ova file. It was necessary to send logs from Windows Server itself to Graylog. First tried using NXLog, but the logs don't come, then decided to immediately try out GrayLog and send to qRadar, he sees them, but there is a mess of data. The house decided to try usi...
Alberta_Mitchell asked March 19th 20 at 20:36
1 answer

How to protect input to graylog?

In Graylog3 I created an input to which the log from the device arrives, and I still don't understand how to protect this input, because anyone can send terabytes of junk logs into my log collection system. In the documentation about this word, the transmission of syslog occurs without authorization, filtering by IP is nowhere, a...
margarette74 asked March 17th 20 at 12:16
2 answers

Universal system for collecting logs from Linux, AD, Exchange notifications, filters, etc.?

Need to collect and store logs from linux and windows servers including exchange, ms sql, etc. (for a specific event id) + desired notifications, easy viewing with filters, save it in a readable format. Which system is the best fit for this? Graylog, ELK, your option... ?
elaina.Mertz91 asked March 13th 20 at 15:23
1 answer

Evtsys cp1251 and Graylog2: how to make friends?

There is a build of Graylog2 (partylog), decided to remove the logs from dc to win2008std, of course, the logs fall in cp1251. Can anyone come across as nicer to handle...
Payton_Prosacc asked October 7th 19 at 20:37
1 answer

What log aggregator is optimal for highload?

Tell me which log aggregator is optimal for highload projects, one that would put a minimal burden on the clients which collect the logs. Tried graylog2 - the client needs nothing but rsyslog, which is very pleasing. In general, share experiences - sending a large amount of data via udp could significantly affect system perfor...
elena.Dach asked September 20th 19 at 17:45
1 answer

Why does graylog2 not display the logs if one of the elasticsearch cluster nodes is inaccessible?

Tested graylog2. Deployed the following scheme for 4-virtualtech: 2 backend - graylog-server, mongodb (replica set), elasticsearch (master and data node) 2 front - end keepalive, haproxy, mongodb (replica set arbiter), elasticsearch (master node without data) Everything works great except case when one of the elasticsearch ...
Alverta97 asked August 23rd 19 at 11:52
2 answers

Elasticsearch cluster is unhealthy (RED): how to fix?

Good afternoon. Downloaded and deployed the ova version of graylog2. After the launch there was a warning: Elasticsearch cluster is unhealthy (RED) (triggered a day ago) The Elasticsearch cluster state is RED which means shards are unassigned. This usually indicates a crashed cluster and corrupt and needs to be investigated. ...
Anita52 asked July 5th 19 at 01:28
0 answers

How to configure Graylog2 to convert IP to DNS names?

Good day all, about this I know, but for some reason it does not work. In the inputs I created multiple threads for syslog for nginx and netflow with glands. According to the README, downloaded the plugin, put everything in place, wrote the desired rows in the config, restarted everything. But it remains as it was. Maybe someone was able to con...
Ibrahim_Berni asked July 5th 19 at 00:04
0 answers

Is it possible to make Graylog 2 group messages?

From the application, UDP messages are sent to Graylog2, which have a field user_id - who initiated the message. In the Graylog web interface there is a stream, which is filtered by the field source, but by default messages are sorted by timestamp, and I would like to group them by user_id. Is it possible in Graylog?
ova_Schoen52 asked July 4th 19 at 14:05