What is the best way to transfer logs from Syslog server to Logstash?

amruth · May 13, 2018, 12:58am

Hi,

I am trying to send logs from Syslog server to Logstash. Can someone please say what would be the best way?

Using Syslog input plugin or TCP? I am currently using TCP plugin but I feel I am missing nearly 25% logs. I also saw for syslog logs, they are using both TCP and UDP at the same time like,

input {
  tcp {
    port => 514
    type => syslog
  }
  udp {
    port => 514
    type => syslog
  }
}

Why to use both TCP and UDP at the same time? Please shed some light.

Thanks

system · June 10, 2018, 12:58am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.