I have having trouble getting logstash and elasticsearch setup. I have my rsyslog server sending my logs from my Unifi UDM device. I have it setup for the most-part but the problem is how logstash is trasforming the logs by escaping quotes. I donj't want it to do that and I am not sure if you can turn that off.
I have tried input and output codec (Json, plain, and line) none of them worked.
The input plugin is TCP and the output plugin is elasticsearch.
Here is my input and output below it is very simple. I will use a grok filter but I need to get the backslash removed first.
I am very new to ELK stack so please let me know what I can do to fix this
input {
tcp {
port => 5000
}
}
output {
elasticsearch {
hosts => ["192.168.20.35:9200"]
}
}