Is there one? If so where is it? Or does the plugin just tell logstash that if it sees syslog type it knows what to do?
Do I need to create a logstash-input-syslog.conf manually, and stick the port I want to listen on in it?
Am I missing a trick? I read the online stuff about working with plugins but it wasn’t clear to me whether I should be looking for a pre-existing plugin conf file to edit or not?
Sorry for the newbie ignorance but if I’m having to create a conf file and put it in conf.d myself what is the plugin giving me?
Thanks... I can’t seem to find any of them in my system. I’m a bit embarrassed as everyone here chats away about editing the conf files and I can’t even find them to start.
I successfully installed the logstash-input-syslog plugin but only know this as it reported success. Can’t find it to work with it lol nor any of the defaults...
It's kinda similar to configuration management engines. Puppet/Ansible don't know how Elasticsearch work, but they can deploy it and then configure it in a way that you tell it.
The whole idea is that you only need to define a minimum config and the Logstash handles all the heavy lifting. You don't interact with the input files, you just tell it how it should run and it manages opening ports or connections and other things like that.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.