You are using syslog output and input to move events between logstash instances? I would suggest switching to a lumberjack output and a beats input. If you are really married to syslog you can do something like this to send the entire event.
You are using syslog output and input to move events between logstash instances? I would suggest switching to a lumberjack output and a beats input. If you are really married to syslog you can do something like this to send the entire event.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.