Page 1 of 1

Central Logging - Graylog

Posted: Thu Jun 25, 2020 10:52 am
by Stril
Hi!

I want to let my MT devices send their logs to a central destination.

I am already using Graylog, so I did set up a syslog input on Graylog and configured it as destination for the MT-devices.

But:
- If I use "BSD syslog" on my MT routers, I do not see the messages.
- If I do not use "BSD syslog", i can see the messages as unformatted string: firewall,info output: in:(unknown 0) out:ether1, proto 4, 10.49.0.17->10.10.239.5, len 40

Are you using Graylog? Did you setup a working set of extractors, or how did you solve this?

Thank you for your thoughts
Stril