What is the best way to transfer logs from Syslog server to Logstash?

amruth · May 13, 2018, 12:58am

Hi,

I am trying to send logs from Syslog server to Logstash. Can someone please say what would be the best way?

Using Syslog input plugin or TCP? I am currently using TCP plugin but I feel I am missing nearly 25% logs. I also saw for syslog logs, they are using both TCP and UDP at the same time like,

input {
  tcp {
    port => 514
    type => syslog
  }
  udp {
    port => 514
    type => syslog
  }
}

Why to use both TCP and UDP at the same time? Please shed some light.

Thanks

system · June 10, 2018, 12:58am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Difference between input type "syslog" and "tcp"? Logstash	3	2279	December 20, 2017
Syslog with UDP and TCP ports Logstash	2	296	August 8, 2020
Logstash as syslog server - TCP is not working Logstash	2	1837	February 28, 2020
How to configure syslog output plugin to useboth tcp and udp protocols based on Remote syslog protocol Logstash	2	202	May 11, 2022
Logstash with syslog input doesn't send logs to Elasticsearch Logstash elastic-stack-security	1	490	July 22, 2020

What is the best way to transfer logs from Syslog server to Logstash?

Related Topics