收集linux日志-filebeat
安装sidecar
下载graylog-sidecar-1.0.2-1.x86_64.rpm
rpm -ivh graylog-sidecar-1.0.2-1.x86_64.rpm
vim /etc/graylog/sidecar/sidecar.yml (url token)
graylog-sidecar -service install
systemctl enable graylog-sidecar
systemctl start graylog-sidecar
安装filebeat
下载filebeat-7.4.2-x86_64.rpm
rpm -ivh filebeat-7.4.2-x86_64.rpm
systemctl start filebeat
systemctl enalbe filebeat
配置web界面
收集windows日志
安装graylog_sidecar_installer_1.0.2-1.exe
C:Program Filesgraylogsidecargraylog-sidecar.exe -service install
C:Program Filesgraylogsidecargraylog-sidecar.exe" -service start
gitlub链接
https://github.com/Graylog2/collector-sidecar/releases
配置文件
/etc/graylog/sidecar/sidecar.yml
C:Program FilesGraylogsidecarsidecar.yml