Logstash collecting logs from the switch

Elastic Stack Logstash
1

Hi ,

I am not getting any logs from the switch tough it is currently configured in switch level also and please find my below code

input {
udp {
port => 5145
type => syslog
}
}

filter {
if [type] == "syslog" and [syslog_facility] == "local7" {
if "ERROR" in [message] {
mutate {
add_tag => ["error"]
}
} else if "WARNING" in [message] {
mutate {
add_tag => ["warning"]
}
} else {
mutate {
add_tag => ["info"]
}
}
}
}

output {
stdout {
codec => rubydebug
}
}
Let me know what is the issues here why logs are not coming from switch when I run the command below/usr/share/logstash/bin/logstash --path.settings /etc/logstash/ -f /etc/logstash/conf.d/switchlogs.conf

2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.