input {
tcp {
port => 514
type => syslog
}
udp {
port => 514
type => syslog
}
}
VS
input {
syslog {
port => 514
}
}
If I need to receive syslog messages and use "TLS" Encryption. In Syslog input plugin doesn't supported so far, I try to find the alternative solution, if there is please help me and thank you.
I'm not sure there is anything else to explain, the tcp and udp input will receive any message will send, they do not expect the message to follow any format, the syslog input expects the message to follow a specfic format.
You can use grok, dissect, kv, json, it depends on the format your message, but you need to use any parsing filter that logstash have to parse the message.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.