I just finished the setup of a brand new Graylog 3 server and wanted to share my configuration for sending HAProxy logs. I’m not digging into the server setup. It’s super simple; you can find out docker-compose configuration on the official docs. https://docs.graylog.org/en/3.0/pages/installation/docker.html
Don’t be stingy for the ram; give the proper space for god’s sake. (depends on your data for sure)
Here is the configuration that I use:
- add “log-format” to your haproxy configuration and then reload the service.
- change IP address and make sure the port mapped properly on the docker configuration.
- restart rsyslog service
remember: “iptables -L” is your friend 😉
how about graylog configuration part?
should it be a GELF ? RAW syslog ? and how is the parse done?
pelase share
thx
Syslog UDP. You can use extractors for parsing.
Can you also explain process for haproxy enterprise edition
I have no experience with the enterprise edition. However, I don’t think it will be any different.