What is the best way to transfer logs from Syslog server to Logstash?

amruth · May 13, 2018, 12:58am

Hi,

I am trying to send logs from Syslog server to Logstash. Can someone please say what would be the best way?

Using Syslog input plugin or TCP? I am currently using TCP plugin but I feel I am missing nearly 25% logs. I also saw for syslog logs, they are using both TCP and UDP at the same time like,

input {
  tcp {
    port => 514
    type => syslog
  }
  udp {
    port => 514
    type => syslog
  }
}

Why to use both TCP and UDP at the same time? Please shed some light.

Thanks

system · June 10, 2018, 12:58am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Apache web server logs - best practice? Logstash	1	258	May 6, 2019
Difference between input type "syslog" and "tcp"? Logstash	3	2291	December 20, 2017
Syslog with UDP and TCP ports Logstash	2	298	August 8, 2020
Logstash as syslog server - TCP is not working Logstash	2	1843	February 28, 2020
Logstash syslog issue Logstash	9	1098	April 23, 2018

What is the best way to transfer logs from Syslog server to Logstash?

Related topics