Udp output not working

Senthil_ak · October 10, 2019, 8:16pm

Hi admin,
I have simple logstash config where i am routing(shipping) logs to some other logstash based on the beat host name, below is the logstash config. I removed the IP, but is not shipping any logs to their server. In my elk i am able to see the logs vai kibana.

I bit doubt on the [host] condition. ( thinking of giving as [agent][hostname], but want to confirm it first )

# Logstash configuration
# Beats -> Logstash -> Elasticsearch.

input {
  beats {
    port => 5044
  }
}
#-------------------------------------------------------------------------------
output {
    elasticsearch {
      hosts => ["http://<ip1>:9200","http://<ip2>:9200","http://<ip3>:9200"]
    }
  }
#  stdout { codec => rubydebug }
}
#-------------------------------------------------------------------------------
output {
  if [host] =~ "moaf-iws" {
    udp {
      host => "XX.XXX.XXX.XXX"
      port => "8011"
    }
  }
}
#-------------------------------------------------------------------------------

Senthil_ak · October 14, 2019, 2:07pm

@magnusbaeck - Could you please check this one ?

system · November 11, 2019, 2:07pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.