The Graylog Forwarder is a standalone installation and you can use the same Forwarder agent for Graylog Cloud and on-premise Graylog installations, but the required setup is different for each environment. For details on the setting up the Forwarder, please see the documentation.
You can easily set up your Graylog Forwarder using our Wizard Interface.
You can use our Wizard Menu for configuring your Forwarder, or you can create a customized configuration.
The Graylog forwarder is capable of sending logs at very high throughput rates. These can be affected by things like CPU Clock Speed, CPU Cores, available memory and network bandwidth. There are also many configuration options to help with any network.
If you are using Graylog Cloud and Cloud Forwarder’s disk journal, it caches data and sends the messages to Graylog Cloud in case of a network outage.
Additionally, if you want to analyze and extract details, you can:
- review active Forwarder(s) in the UI
- call REST endpoints to consume information on health and list of inputs
- export Forwarder metrics from Prometheus, a third-party monitoring tool
For example, an international financial company headquartered in San Francisco with a centralized IT staff working from there wants all of the logs in one central spot. The company is running 3 Graylog instances in 3 different regions. With Graylog Forwarder, they can centralize their logs messages into one cluster for monitoring, alerting, and reporting while still identifying the origin cluster. In addition,centralizing the log data means they can perform searches across the different clusters which helps you find real-time answers to problems like outages, performance issues, or security alerts.