Transfer Unix messages to ELS

Hello all,
I need your help to understand how to forward UNIX SYSTEM (SOLARIS) messages to ELS.

Thanks

Are you talking about syslog messages? And ELS means Elasticsearch?

https://www.elastic.co/guide/en/logstash/current/config-examples.html should give you some inspiration. The syslog example there sets up network listeners but if you're running Logstash on the Solaris host you could read from local files instead with a file input plugin.

Does that mean I need to install Logstash + Plugin syslog on each UNIX server?

No. You can configure the local syslog daemon to ship the messages over the network. Another option is to install Filebeat to ship the logs from disk.

There are many ways of doing this. The sooner you tell us what your particular requirements are, the quicker things will go.
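To make the two suggestions above concrete (a Logstash syslog listener, fed by the Solaris host's own syslogd), here is an added example pipeline. It is not from the original thread or from the Elastic documentation, and it assumes hypothetical names: Logstash reachable from the Solaris box as `logstash.example.internal`, Elasticsearch at `es.example.internal:9200`. On the Solaris side the matching change is a line in /etc/syslog.conf such as `*.info<TAB>@logstash.example.internal` (the field separator must be a tab), followed by `svcadm refresh svc:/system/system-log` so syslogd rereads it.

```conf
# Added example pipeline, not part of the original thread.
# Assumes the hostnames es.example.internal and logstash.example.internal
# (hypothetical) and that this runs on the Logstash host.

input {
  # The classic Solaris syslogd forwards over UDP to port 514 and the
  # syslog.conf action accepts a hostname only, no port. Logstash therefore
  # has to own 514, which needs root or a local port redirect on this host.
  syslog {
    port => 514
    type => "solaris-syslog"
  }
}

filter {
  # The syslog input parses RFC 3164 itself (host, facility, severity,
  # program, pid, timestamp). When a line does not match, the input tags
  # the event rather than dropping it; mark those so they stay searchable
  # instead of being mistaken for parsed records.
  if "_grokparsefailure_sysloginput" in [tags] {
    mutate { add_field => { "parse_status" => "raw" } }
  }
}

output {
  elasticsearch {
    hosts => ["http://es.example.internal:9200"]
    index => "solaris-syslog-%{+YYYY.MM.dd}"
  }
}
```

Two caveats before relying on this. UDP syslog is unauthenticated and unacknowledged: any host that can reach port 514 can inject lines into the index, and bursts are silently lost, so restrict the port at the firewall to the Solaris senders and accept the loss, or use the Filebeat route from the reply above, which reads the files on disk and can ship with TLS and acknowledgements. Also check the `host` field after the first events arrive: syslogd puts whatever hostname it believes it has into the header, which on a multi-homed Solaris box may not match the name you expect.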

Does LOGSTASH know to accept syslog events?

The link I posted contains an example of just that.

Thank you,
