NXlog to Rsyslog to Graylog

This is the place for you, if you got rsyslog up and running but wonder how to make it do what you want.

Moderator: rgerhards

Google Ads


NXlog to Rsyslog to Graylog

Postby frantz45 » Fri Oct 27, 2017 4:25 pm

Hello,

I need to forward Windows logs in GELF format from a windows NXlog agent to Graylog through a linux rsyslog.
NXlog --> Rsyslog --> Graylog.
The issue is NXlog sends message with EOL '\0', and rsyslog replace '\0' with #000.
Rsyslog does not split logs with '\0' so it puts multiple single logs in one big log, then it forwards it to Graylog and Graylog does not understand anything as it expects a '\0' to split logs.
Do you have any solution ?
frantz45
New
 
Posts: 4
Joined: Fri Oct 27, 2017 4:19 pm

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Re: NXlog to Rsyslog to Graylog

Postby frantz45 » Mon Oct 30, 2017 3:31 pm

I solved my issue with AddtlFrameDelimiter="0"
frantz45
New
 
Posts: 4
Joined: Fri Oct 27, 2017 4:19 pm

Google Ads



Return to Configuration

Who is online

Users browsing this forum: No registered users and 1 guest

cron