Differences

This shows you the differences between two versions of the page.

--- computing:linux:graylog [2021/08/23 12:34]
gcooper
+++ computing:linux:graylog [2022/01/18 11:05] (current)
gcooper
@@ Line 1: / Line 1: @@
 ====== Syslog with Graylog ======
-FIXME Unfinished
 **Excellent Documentation**: https://docs.graylog.org/en/4.1/index.html
@@ Line 30: / Line 28: @@
 **Archived data is stored in a compressed format on the Graylog server** or network file share. It is searchable via GREP, but must be reconstituted in Graylog in order to be searchable through the GUI again.
+===== Upgrade =====
+We use ''apt'' repositories for installation, so updates are easy:
+Show all ''apt'' sources:
+<file>
+grep -r --include '*.list' '^deb ' /etc/apt/sources.list*
+</file>
+<file>
+apt update && apt dist-upgrade -y && apt autoremove -y && apt clean && reboot
+</file>
 ===== Configuration =====
@@ Line 39: / Line 51: @@
 ==== Syslog Input ====
-The first step to accept input is to create an ''Input'' (listener), probably syslog UDP and TCP.
+The first step to accept input is to create an ''Input'' (listener), perhaps "Syslog UDP".
 It is recommended to configure the syslog ''Input'' to accept traffic on **UDP port 1514** and redirect traffic sent to UDP 514 to it.
@@ Line 58: / Line 70: @@
 ==== Create Stream ====
-Stream Rules route messages into indexes.
+Stream Rules route or sort messages into indexes.
 ===== Log Sources =====

Virtual Architects Support Wiki