Elastic agent not shipping syslog

Thomas_Thorburn · May 20, 2022, 11:43am

Hi all,

I'm using elastic agent v8.2.0 being sent to an Elasticsearch service cluster on v8.2.0 using the recommended tar install method. The agents are healthy with the system integration enabled and ship logs from /var/log/auth but not /var/log/syslog. There are no errors in the elastic agent logs, and nothing from the syslog path ever makes it into the cluster. I'm not sure what information to provide to further diagnose this issue, but here is some version info

elastic-agent diagnostics
elastic-agent  id: 14d490e5-f0f7-4107-9265-34e62803e905                version: 8.2.0
               build_commit: b9a28ad5f45c2f1a8f4f847a6b936ad6901be8f0  build_time: 2022-04-20 13:31:11 +0000 UTC  snapshot_build: false
Applications:

This is occurring on a ubuntu 20.04 and 18.04 linux host, not containerized

Thank you

kvch · May 23, 2022, 2:17pm

Could you please share the logs collected by elastic-agent diagnostics : Elastic Agent command reference | Fleet and Elastic Agent Guide [8.2] | Elastic

system · June 20, 2022, 4:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.