Graylog: Creating a first input in Graylog

This documentation is part of the Getting started guide. View the full guide here: How to get started with Graylog.

👋 Welcome to the Stackhero documentation!

Stackhero offers a ready-to-use Graylog cloud solution that provides a host of benefits, including:

  • Unlimited and dedicated SMTP email server included.
  • Effortless updates with just a click.
  • Customizable domain name secured with HTTPS (for example, https://logs.your-company.com).
  • Optimal performance and robust security powered by a private and dedicated VM.

Save time and simplify your life: it only takes 5 minutes to try Stackhero's Graylog cloud hosting solution!

An input is the endpoint where Graylog receives your logs. You can send logs using TCP or UDP. Additionally, Graylog can collect log entries from an API, a Kafka queue, a RabbitMQ server and other methods.

In this example, we will create a raw UDP input. To begin, open the Graylog interface and navigate to "System" then "Inputs". Choose "Raw/Plaintext UDP" and click on "Launch new input". Configure your input with the following values and validate the form:

  1. Node: Select your node
  2. Title: RAW UDP
  3. Port: 5555

Next, open a terminal on your computer and send a UDP message to your Graylog server. Remember to replace XXXXXX with your service domain name:

  • On macOS: echo "Hello Graylog from UDP" | nc -u -w1 -c <XXXXXX>.stackhero-network.com 5555
  • On Linux: echo "Hello Graylog from UDP" | nc -u -w1 <XXXXXX>.stackhero-network.com 5555

After sending the message, return to Graylog and click on "Search". You should see your message 🎉

Congratulations, you have now sent your first message to Graylog! Feel free to create additional inputs and dashboards tailored to your needs. For further guidance, you might find Graylog's official documentation useful.