Hey!
I have some devices pointing at logstash and in turn this is forwarding on to a SIEM via syslog - however when we output to syslog the messages appear to come from logstash - is there a way to preserve the syslogging host?
Thanks!
Hey!
I have some devices pointing at logstash and in turn this is forwarding on to a SIEM via syslog - however when we output to syslog the messages appear to come from logstash - is there a way to preserve the syslogging host?
Thanks!
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.