Hi ,
Currently we sending logs to a UDP destination, we intend send the same logs to multiple UDP destination ( logs are read from elasticsearch )
udp {
id => "udp_exporter"
codec => plain {
format => "%{message}"
}
host => "10.10.10.10.1"
port => 522
}
When i tried to use "host => "10.10.10.1, 10.10.10.2" it didn't work, it was sending logs to only first destination.
Regards,
Balaji
Hi,
I think this is your solution Multiple elasticsearch clusters for output
So in your case try to add just another UDP output plugin
But my destination is not elasticsearch cluster, it is an external SIEM device.
Do you tried this?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.