Hi,
I am running ELK stack on a Windows box. We got a couple of load balancers appliances and they have the option to export logs in syslog format.
How can I configure my Elasticsearch or Logstash to receive them? Do I need filters too? Please, suggest the configuration settings.
You can use the syslog input for that - https://www.elastic.co/guide/en/logstash/current/plugins-inputs-syslog.html
As for filters, that's hard to say without more info.
Thanks Warkolm,
What if I want to tag the incoming syslog data on specific port?
Use the add_fields directive.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.