Hi,
I've set up ES 7.3 and it's been working great for us so far. From our servers I'm sending logs to it using Filebeat without issues. The problem I'm facing is because of our storage devices, HP Nimble. They can only send to syslog, so I enabled a filebeat.input for syslog, alongside the one I have for log, like this:
- type: log
  enabled: true
  paths:
    - /var/log/messages
    - /var/log/secure
    - /var/log/yum.log
- type: syslog
  enabled: true
  protocol.udp:
    host: "10.32.0.31:9090"
and the only output is the working one to send to ElasticSearch.
I've sent 'events' from the Nimble to our 'filebeat' host and see them arrive using tcpdump,
but they never get to ElasticSearch.
Can anybody tell me what I'm missing here?
Kind regards,
Eric V.