Hi,
I have a problem to send the audibeat log to my syslog.
If I send the log to the file inside the file I can show some useful information such as the modified file etc, but If I send the same information to the syslog I receive just few information, and I don't find any way to get more details.
This is my output code:
output {
syslog {
host => "syslogip"
protocol => udp
port => "port"
facility => "user"
severity => "informational"
#codec => plain { format => "%{message}" }
message => "%{message}"
}
file {
path => "/tmp/test.log"
}
}
I tried removing %message, or adding something else such as a customer string etc but the output still remain the same:
this is an example
<13>Apr 03 08:17:47 {"name":"XXXXXXXX","id":"XXXXX","os":{"name":"Red Hat Enterprise Linux Server","family":"redhat","version":"7.6 (Maipo)","platform":"rhel","codename":"Maipo"},"containerized":false,"architecture":"x86_64"} LOGSTASH[-]: %{message}