Adding parameters from grok to syslog output

karasmeitar · September 20, 2018, 10:23am

Hi All,
I'm trying to add my syslog ip server from in my grok filter and consume it in my logstash syslog output.
In the filter section i'm adding the following:
mutate {
add_field => {
"IP" => "10.10.10.1"
"port" => 516
}
}

in the output i'm adding:
syslog {
host => "%{IP}"
port => "%{port}"
}

I have two problems with this configuration:

with the type of the port.. i'm getting error that it should be a number
with the IP, when i changed the port manually to 512 i'm still not getting the logs.

Thanks for your help.

system · October 18, 2018, 10:23am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.