Hi,
I'm trying to gather logs from Netgear switches using Syslog.
The idea is to configure all the switches to send logs via Syslog to a single Filebeat instance, which then sends the logs to an Elasticsearch instance.
I've been able to achieve this setup fairly easily with a syslog input configuration, but I've seen in the documentation that the Syslog input is deprecated and must be replaced by the UDP input / Syslog processor.
The problem is that my message is not correctly parsed by the Syslog processor.
For this syslog message:
<14> Jun 27 12:00:32 172.32.32.50-1 General[-1248711972]: main_login.c(763) 1771 %% HTTP Session 5 initiated for connection from 10.20.0.132
I have this error.message:
syslog failed to process field "message": parsing error at position 5: unexpected EOF
The same message is correctly parsed by the syslog input.
Do you have any ideas about this problem?
Thanks.