How to configure Logstash and syslog-ng to send and receive logs?

I want to send syslog-ng logs to Logstash. I have installed Security Onion as a VM and want to send those logs to Logstash, which is on Ubuntu (another VM). Kindly tell me how to configure both syslog-ng.log and logstash.conf to send and receive logs.

This is the how-to I followed to get things working. I, however, just set up Logstash to listen on a port and format the syslog events with JSON on the client and send directly to Logstash.

FYI, asking for help while showing no evidence of attempting to solve the issue on your own will likely result in very few replies.
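One way the setup described in the reply above could look, as an added example that is not part of the original thread or taken from the linked how-to. The host address, port 5514 and the source name `s_src` are placeholders; use the source already defined in your own syslog-ng.conf.

```conf
# ---- syslog-ng.conf on the sending host (the Security Onion VM) ----
# Assumption: s_src stands in for the source block already defined in
# your syslog-ng.conf; replace it with the real name.
destination d_logstash {
    network(
        "192.0.2.10"            # placeholder: IP of the Ubuntu/Logstash VM
        port(5514)              # placeholder: must match the Logstash input
        transport("tcp")
        # One JSON object per line, so Logstash needs no grok patterns.
        template("$(format-json --scope rfc5424 --key ISODATE)\n")
    );
};

log {
    source(s_src);
    destination(d_logstash);
};

# ---- logstash.conf on the receiving host (the Ubuntu VM) ----
input {
  tcp {
    port  => 5514               # same placeholder port as above
    codec => json_lines         # newline-delimited JSON from syslog-ng
    type  => "syslog-ng"        # constructed label for later filtering
  }
}

output {
  # Print parsed events while testing; replace with your real output.
  stdout { codec => rubydebug }
}

# Note: this is plain TCP with no encryption or sender authentication.
# Limit the listening port to the sender's address with a host firewall,
# or keep the traffic on a trusted network segment.
```

Reload syslog-ng and restart Logstash after editing; events arriving on the port show up on the Logstash console through the `stdout` output.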

That's what my question was. What did you do to set up Logstash to listen on a port?

I once again suggest you read the documentation in the link provided in my previous reply because it answers this very question. I'll gladly help further, but when replying please include the configuration file that you're having issues with.

Thank you very much.
Please read the question carefully before answering. I don't want to repeat but I have to. I have installed Security Onion as a VM and Ubuntu as another VM. I want to forward SO logs to Ubuntu (Logstash).

I have installed Filebeat and configured it. I have configured Logstash on Ubuntu as well. I am already receiving logs from Winlogbeat. Just tell me how to configure Filebeat on SO to send logs to Logstash, which is on Ubuntu. Thank you.

Good luck to you
