Hi All,
I am glad to join this group.
Basically I'm in the midst of setting up a POC for centralized log collection and log analysis.
Following is my setup on RHEL 7.6:
Syslog-ng: collects logs from remote clients
Elasticsearch
Kibana
I need your help with a sample config file to parse syslog-ng logs into Elasticsearch and create an index pattern; I'd really appreciate your help.
The system module included in Filebeat also consumes syslog.
If running a lightweight shipper like Filebeat on the edge system is not an option, there is also the syslog input in Filebeat, which can receive remote syslog events via UDP or TCP.
The advantage of both of these is that Filebeat manages most of the index mapping for you if you let it ship the data directly to Elasticsearch.
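As an added illustration of the syslog-input approach described in this answer (example config, not from the original thread or the Elastic project), here is a minimal filebeat.yml that listens for remote syslog over UDP and TCP, ships directly to Elasticsearch so the index template is managed for you, and lets Filebeat load the Kibana index pattern. Hostnames, the listening port, the username and the keystore variable are assumptions to replace with your own.

```yaml
# Example filebeat.yml for a central collector (placeholders throughout).
# Listen on an unprivileged port so Filebeat does not need root for 514;
# syslog-ng (or the clients) forwards to this port.
filebeat.inputs:
  - type: syslog
    protocol.udp:
      host: "0.0.0.0:5140"
    tags: ["syslog-udp"]
  - type: syslog
    protocol.tcp:
      host: "0.0.0.0:5140"
    tags: ["syslog-tcp"]

# Ship straight to Elasticsearch: Filebeat installs its own index template
# (default pattern filebeat-*), so no hand-written mapping is needed.
output.elasticsearch:
  hosts: ["https://elasticsearch.example.internal:9200"]   # placeholder host
  username: "filebeat_writer"            # placeholder; give it a least-privilege writer role
  password: "${FILEBEAT_ES_PASSWORD}"    # pulled from the Filebeat keystore, not plain text

# Let Filebeat load the index template plus the Kibana index pattern/dashboards.
setup.template.enabled: true
setup.kibana:
  host: "http://kibana.example.internal:5601"             # placeholder host
setup.dashboards.enabled: true
```

Run `filebeat setup` once against Elasticsearch and Kibana to load the template and index pattern, then start the service; the received events land under the filebeat-* index pattern with the parsed syslog fields.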