Hey!
I have some devices pointing at logstash and in turn this is forwarding on to a SIEM via syslog - however when we output to syslog the messages appear to come from logstash - is there a way to preserve the syslogging host?
Thanks!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.