Greetings!
I'm using elastiflow with the logstash netflow plugin. Logs can get quite noisy with expected DNS timeouts and waiting for flow templates. These are logged in both /var/log/logstash/logstash-plain.log as well as syslog. Is it possible to configure the setup not to log to syslog?
Thanks!
logstash does not log to syslog itself. It logs to logstash-plain.log and stdout. Your service manager may be cc'ing stdout to syslog. You can reconfigure the service manager to prevent that.
Thanks Badger!
I'm using systemd and found that:
ForwardToSyslog - This parameter specifies if log messages that are received by the systemd-journald daemon will also be forwarded to a syslog daemon. The default is yes, but if no process is reading off from the socket, nothing happens.
In general I want stuff logged in syslog I just didn't want excessive (expected) logstash warnings. I guess I cannot have my cake and eat it (as I do still want these in logstash-plain) 
Cheers
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.