Hi, I currently have an issue where I am sending Syslog to Logstash and then forwarding to ELK and via syslog to a SIEM. The SIEM, however, is struggling to understand the log, as I think it is being sent in a format it's not expecting. Is there a way to send normally to Elasticsearch and then just the raw message onto the syslog output?