Adding parameters from grok to syslog output

karasmeitar · September 20, 2018, 10:23am

Hi All,
I'm trying to add my syslog ip server from in my grok filter and consume it in my logstash syslog output.
In the filter section i'm adding the following:
mutate {
add_field => {
"IP" => "10.10.10.1"
"port" => 516
}
}

in the output i'm adding:
syslog {
host => "%{IP}"
port => "%{port}"
}

I have two problems with this configuration:

with the type of the port.. i'm getting error that it should be a number
with the IP, when i changed the port manually to 512 i'm still not getting the logs.

Thanks for your help.

system · October 18, 2018, 10:23am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Syslog filter for IP Logstash	4	841	March 7, 2021
Logstash - Syslog input and output Logstash	1	400	February 27, 2018
[SOLVED] Syslog filter additional filtering Logstash	6	2455	December 8, 2016
How to add ip (any specific parameters) to filter in logstash? Logstash	6	843	July 6, 2017
Logstash parsing syslog Logstash	8	3520	July 6, 2017

Adding parameters from grok to syslog output

Related topics