Hi,
I'm using the following input
input {
udp {
port =>
type => "rsyslog"
}
kafka {
bootstrap_servers => "IP-ADDRESS:PORT"
topics => "sth"
group_id => "sth1"
}
}
For UDP inputs, I receive a field named "host" that contains the sender IP address, but this field is not available for the Kafka inputs. I need the senders IP addresses and I want to totally switch from UDP input to Kafka input. How can I take the senders IP address in my new environment?
Regards
What does "sender" mean in the case of the kafka input?
Thanks.
For Example I have three machines generating logs and send them to Kafka and then Kafka sends them to Logstash. I need to know the IP address for the machine that generated each individual log. These three machines are senders.
Regards
I'm pretty sure that information isn't available in the message out of the box, but it seems more recent versions of Kafka support message headers so that producers can add their own hostname as a message header (though I don't know if Logstash's kafka input pays any attention to those headers). If that isn't an option you'll have to add the sender information to the message payload.
Thanks.
Is there any way to add sender information to the message payload using Logstash? I tries to add the host IP address as a tag, but It's not useful in my solution.
Regards
Sure, you can add fields to events in Logstash, but where would you obtain the sender information in this case?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.