Install Graylog Collector from source
Manual Setup
1. Install Java with version above 1.72. Download the latest collector release. (find download links in the collector repository README)
3. Unzip collector tgz file to target location and rename
/opt/graylog-collector
4. cp config/collector.conf.example to config/collector.conf
/opt/graylog-collector/config
5. Update server-url in collector.conf to correct Graylog server address (required for registration)
6. Update file input configuration with the correct log files
7. Update outputs->gelf-tcp with the correct Graylog server address (required for sending GELF messages)
8. Start command
cd /op/graylog-collector
bin/graylog-collector run -f config/collector.conf
9. Login web interface and create new input gelf-tcp port 12201
Sample configure
# vi /opt/graylog-collector/config/collector.confserver-url = "http://10.10.10.10:12900"
collector-id = "file:config/collector-id"
host-name = "srv-web-06"
inputs {
apache-log {
type = "file"
path = "/var/log/apache2/access_log"
outputs = "gelf-tcp"
message-fields = {
"program" = "apache2"
"priority" = 3
}
}
}
outputs {
gelf-tcp {
type = "gelf"
host = "10.10.10.10"
port = 12201
client-queue-size = 512
client-connect-timeout = 5000
client-reconnect-delay = 1000
client-tcp-no-delay = true
client-send-buffer-size = 32768
}
}
Sample received message
Sample input
Nhận xét
Đăng nhận xét