Running Logstash 8.5.2 on RHEL.
I implemented DNS filter plugin to resolve IP addresses to hostnames for all syslog nodes reporting to this logstash server. I am using our local DNS server.
It all worked perfectly until DNS server went offline. When that happened logstash stopped processing all messages from all nodes. Logstash did not crash and its status was shown as active (running).
The moment DNS server came back of line, logstash started processing the messages again.
This means that every time DNS server becomes unavailable we will lose syslog messages.
Is there any solution to this problem?