0

Hell There,

I am new to graylog, we have configured client with below entry in configuration file

*.* @1*.**.88.**:514;RSYSLOG_SyslogProtocol23Format (we are using 514 port)

even we tried to to send some logs to graylog server with

echo -n -e '{ "version": "1.1", "host": "example.org", "short_message": "A short message", "level": 5, "_some_info": "foo" }'"\0" | nc -w 3 10.**.88.** 30001

tcpdump -vvv -i any port 514 |grep TCP
tcpdump -vvv -i any port 514|grep UDP

but in GUI we are not able to see any messages from that client, can you all please help us what we are missing since we dont have any idea of graylog. our version is Graylog v3.3.8+

Regards,

Samurai

Samurai
  • 121
  • 1
  • 4
  • 15

1 Answers1

1

Ports under 1024 are reserved. Switch your input to use 1514 instead and it should work.

Blackbox
  • 59
  • 3
  • @Blacbox , how to check if its working or not, My graylog server is hosted as container and we can see some logs for port 1514 but in gui we are not seeing any information for port 1514 even if we create new inputs. can you please guide. – Samurai Jan 15 '21 at 05:49