Logstash - Syslog Output - Custom message

Logstash - Syslog Output - Custom message

Hi,
I'm I working with Logstash - Syslog Output and I've found out problem with setting custom field message. I'm using Elasticstack 7.8.0.

I've installed logstash syslog-output plugin.

/usr/share/logstash/bin/logstash-plugin install logstash-output-syslog

Logstash configuration:

 output {
    syslog {
        host => "localhost"
        sourcehost => "logstash-other-as1"
        port => 10514
        protocol => "tcp"
        message => "testing message"
        #message => "%{custom-message}"
        appname => "apptest"
      }
}

I'm storing all received data to Elasticsearch DB to review them. Data (Document in Kibana) looks like:

<13>Jul 13 13:41:11 logstash-other-as1 apptestopttest[-]: 2020-07-13T13:41:11.000Z %{host} %{message}

I was using the same configuration on ES stack 6.3.2 and it worked wellworked.
Does anyone know how to resolve this issue?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.