Logstash syslog wont accept ports other than 514

I'm trying to get logstash to accept Syslog transmissions and it's giving me the following error messages:

syslog listener died {:protocol=>:udp, :address=>"", :exception=>#<SocketError: bind: name or service not known>,

syslog listener died {:protocol=>:tcp, :address=>"", :exception=>#<Errno::EACCES: Permission denied - bind(2)>

Following is my config file:


    syslog {
            type => "fortigate"
            port => 55555


elasticsearch {
hosts => ["localhost:9200"]
index => "fortigate-%{+YYYY.MM.dd}"

Unless you run Logstash as root or employ another workaround Logstash won't be able to listen on port 514. Are you sure that's the only configuration you have? Your logs clearly indicate Logstash trying to bind to port 514 but your configuration file says 55555.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.