Syslog input, open only udp port

Sebastian_Herrera · June 5, 2018, 6:35pm

Hello, i want to know if there is any possibility to open only the udp port for syslog. Now when i configure it open both tcp and udp.

Regards

pge · June 28, 2018, 9:06am

Hi @Sebastian_Herrera
try this on input configuration file

input {
    udp {   
         type => "syslog" 
         port => 514 
    } 
}

if you have more than one interface you can specify also the ip.

Example:

input {
    udp {   
         type => "syslog" 
         port => 514 
         host => "192.168.1.100"
    } 
}

system · July 26, 2018, 9:06am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Syslog with UDP and TCP ports Logstash	2	298	August 8, 2020
Configuration with multiple types Logstash	2	775	March 14, 2018
Difference between input type "syslog" and "tcp"? Logstash	3	2292	December 20, 2017
What is the best way to transfer logs from Syslog server to Logstash? Logstash	1	382	June 10, 2018
Unable to capture some syslog with socket input Logstash	1	342	September 1, 2020