Elastic agent not shipping syslog

Thomas_Thorburn · May 20, 2022, 11:43am

Hi all,

I'm using elastic agent v8.2.0 being sent to an Elasticsearch service cluster on v8.2.0 using the recommended tar install method. The agents are healthy with the system integration enabled and ship logs from /var/log/auth but not /var/log/syslog. There are no errors in the elastic agent logs, and nothing from the syslog path ever makes it into the cluster. I'm not sure what information to provide to further diagnose this issue, but here is some version info

elastic-agent diagnostics
elastic-agent  id: 14d490e5-f0f7-4107-9265-34e62803e905                version: 8.2.0
               build_commit: b9a28ad5f45c2f1a8f4f847a6b936ad6901be8f0  build_time: 2022-04-20 13:31:11 +0000 UTC  snapshot_build: false
Applications:

This is occurring on a ubuntu 20.04 and 18.04 linux host, not containerized

Thank you

kvch · May 23, 2022, 2:17pm

Could you please share the logs collected by elastic-agent diagnostics : Elastic Agent command reference | Fleet and Elastic Agent Guide [8.2] | Elastic

system · June 20, 2022, 4:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Problem with syslog in Fleet-Elastic agent-System Integration Beats fleet	1	509	February 25, 2021
Elastic Agent for syslog Elasticsearch	1	517	April 27, 2022
Elastic agent does not send logs Elastic Security fleet	8	2257	September 28, 2021
Need help adding Fleet server Elastic Agent	19	995	May 21, 2023
How do I troubleshoot elastic agent not sending any logs to siem app SIEM	6	1102	November 9, 2021

Elastic agent not shipping syslog

Related topics