10. Sending Windows Events to Graylog 3.0 using Nxlog

  • Published on 4 Nov 2024

Comments • 42

  • @UgyenTT 3 years ago

    did exactly like you demonstrated for windows 10 but not receiving any log. I used GELF UDP with port 5150 in the input and also in the nxlog configuration

    • @BitsByteHard 3 years ago

      Recheck your configuration, troubleshoot the network and so on. You could also use the official documentation for nxlog, there might be some changes

  • @twistable_deer 3 years ago +1

    That helped! Thank you :) I was struggling trying to forward Windows logs to my Graylog server.

  • @double_DD 1 year ago

    How to filter logs for sending to Graylog, e.g. only send some Windows logs to Graylog and disregard the other logs?

  • @AdrianSinner97 2 years ago

    Great vid mate: LIKE.
    Still, I made all these config. you're doing, still Graylog does not come up with anything from the Windows server.
    Still trying to understand where the issue is.
    Telnet is working between WIN Server and Graylog on ports 9200,9000.

  • @ermiyaslegesse1574 1 year ago

    When I tried saving in Notepad it says I don't have permission to open the file. What can I do to get around that?

  • @dummyaccount9578 2 years ago

    Hi, does it need to be a different port on each different input? (like I want to add another input)

  • @fabiojackbaladeiro 1 year ago

    Thank you very much, for weeks I was looking for a solution. I just found it, thank you very much

  • @suchirasenevitathne7017 4 years ago +2

    Thanks. Very helpful guide.

  • @larissahenn3750 3 years ago +1

    Hi, do you know how I can filter the event logs, so that for example only the System tab errors are shown?

    • @BitsByteHard 3 years ago

      I think you'd need to configure Windows events on the Windows machine, or do it with pipelines in Graylog and tell which messages should go into Graylog

    • @larissahenn3750 3 years ago

      @BitsByteHard do you have an example? Or can you help me?
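
Several comments on this page ask how to forward only selected Windows events. The nxlog.conf fragment below is an added example, not taken from the video or from any commenter: it filters at the source with an im_msvistalog query so that only Critical and Error events from the System channel are sent. The Graylog address 192.0.2.10 is a placeholder, port 5150 is the GELF UDP port mentioned in a comment above, and the instance names are made up for illustration.

```apache
# Added example: nxlog.conf fragment (merge into the existing file).
# Assumptions: 192.0.2.10 is a placeholder Graylog address; 5150 is the
# GELF UDP input port mentioned in the comments; instance names are arbitrary.

<Extension gelf>
    Module      xm_gelf
</Extension>

<Input system_errors>
    Module      im_msvistalog
    # XPath filter evaluated by the Windows Event Log API, so events that
    # do not match never leave the host. Level 1 = Critical, 2 = Error.
    # To forward another channel, add a further <Select Path="..."> line.
    Query       <QueryList>\
                    <Query Id="0">\
                        <Select Path="System">*[System[(Level=1 or Level=2)]]</Select>\
                    </Query>\
                </QueryList>
</Input>

<Output graylog>
    Module      om_udp
    Host        192.0.2.10
    Port        5150
    OutputType  GELF
</Output>

<Route system_errors_to_graylog>
    Path        system_errors => graylog
</Route>
```

After editing, restart the nxlog service and check nxlog's own log file for query syntax errors.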

  • @mattdunn2020 4 years ago

    What are you using for a LB for UDP? I typically use HAProxy but to my knowledge it's only TCP

    • @BitsByteHard 4 years ago

      For these videos I was using the free Kemp load balancer

  • @AaronWeissRocks 4 years ago +1

    So simple, so easy. Thank you.

  • @НиколайТуршиев 4 years ago +3

    Hi, thanks for your guide, it was very helpful for me! Like!

  • @2010romu 2 years ago

    I did all the configuration as shown in the video, I started the nxlog service correctly, but it is not sending messages to the graylog.
    Would you help me?

    • @BitsByteHard 2 years ago

      Check if the time on both machines is synced and it's the same minute, hour, second and timezone

    • @2010romu 2 years ago

      @BitsByteHard ok, it was solved! I would like another help. I'm not able to filter the logs that Nxlog sends to Graylog. Could you help me?

  • @Pavankumar781 2 years ago +1

    Thank you boss!

  • @ai_designdevelopment6252 3 years ago

    While opening nx it's showing some fatal Qt error. Can you please guide why it happens and how to resolve it... Please, I am stuck here

    • @BitsByteHard 3 years ago

      Contact me on Twitter and we can speak there

  • @Polyak331 3 years ago +1

    Thanks for your video!

  • @dotcaodin 5 years ago

    Why don't you use Sidecar?
    Does this tutorial fit Windows 10?
    Thanks.

    • @BitsByteHard 5 years ago +1

      Would you like to see a Sidecar tutorial?
      This tutorial with nxlog should fit all Windows systems (for Windows 2003 servers and below you need to use the mseventlog module as an input) and Linux (for the config part)

    • @sopota6469 5 years ago

      @BitsByteHard yes, without Sidecar you can't follow this tutorial. Graylog's documentation is a mess, complete and thorough but you are constantly jumping around to do the most simple things, gets tiresome really fast. Thanks for taking your time doing this series.

    • @BitsByteHard 5 years ago

      @sopota6469 well let me tell you something, for the environment I work in, like a production one, all of the Linux and Windows servers have nxlog installed on them, and I'm receiving logs from them to Graylog without a single issue, everything works like a charm.
      But just for fun I'll also do a Sidecar tutorial for Graylog ;)

    • @BitsByteHard 5 years ago

      Hi Dereck, here are the Sidecar tutorials for Windows and Linux
      th-cam.com/video/oJ08QadvM88/w-d-xo.html
      th-cam.com/video/gjXXs0_fBzU/w-d-xo.html

  • @marcilioramo 3 years ago +1

    Very well explained, thanks

  • @shah_rukh_khan_SRK 5 years ago

    Hi
    Doesn't work with Windows 10
    Thanks

    • @BitsByteHard 5 years ago

      I haven't tested nxlog with Windows 10, maybe there is an issue with nxlog.
      Maybe you can try to use Sidecar for Windows 10, I have a tutorial about it on the channel, try it and hopefully for you it will work.

    • @erkoj07 4 years ago +2

      @BitsByteHard It works perfectly well with Windows 10 using these instructions

    • @BitsByteHard 4 years ago

      @erkoj07 glad to hear that, thanks for the confirmation.

  • @rewtenator8038 2 years ago

    UDP!!!