Hello, I have recently installed Graylog, inspired by the Tom’s video and my free Splunk only allows 1/2 a gig a day with no alerting. The first log source I added was a pfSense 2.5.0 log source. Worked fine had no issues. I can’t get a second log source in beyond the initial input. I can see the “Network IO” ticking and I see messages when I click the “Show received messages”, but no-way / no-how can I get beyond this point, I cannot use the extractor, I cannot even trick the logs in with gl2_source_input: uuid. Have I missed a simple check box some where? Thanks.
Eh, time zones were different. Thus wasn’t finding logs.
1 Like