
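# Logstash pipeline: accept syslog on port 6005, normalise the timestamp and
# priority fields, and index the events into Elasticsearch under ILM.

input {
  syslog {
    # NOTE(review): the syslog input serves this port over TCP and UDP unless
    # restricted with the plugin's proto setting — confirm which is intended.
    port => 6005
    # Custom line format: <PRI>timestamp host program[pid]: message.
    # Captures syslog_pri (numeric priority) for the syslog_pri filter below.
    grok_pattern => "<%{POSINT:syslog_pri}>%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}"
    id => "syslog"
  }
}

filter {
  # Decodes the numeric syslog_pri field (the filter's default source field)
  # into facility/severity name and code fields.
  syslog_pri { }

  date {
    # Syslog pads a single-digit day with a space ("Feb  8 ..."), so both the
    # one- and two-digit day layouts are needed; the original listed the
    # two-digit layout twice and never matched single-digit days.
    # The syslog timestamp carries no year; the date filter assumes the
    # current one, which can be wrong around year boundaries.
    match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
    # Overwrites the raw string with the parsed date instead of setting @timestamp.
    target => "syslog_timestamp"
  }

  mutate {
    # Drops the input plugin's own priority decoding (superseded by the
    # syslog_pri filter output) and the raw line, keeping syslog_message.
    # NOTE(review): @timestamp is a core event field — confirm that removing
    # it is permitted by the running Logstash version and is intended.
    remove_field => [ "severity", "severity_label", "priority", "facility", "message", "@timestamp" ]
  }
}

output {
  elasticsearch {
    # NOTE(review): plain http:// sends the basic-auth credentials and the log
    # data unencrypted to the cluster; prefer https:// with CA verification
    # if the cluster exposes TLS — confirm.
    hosts => ["http://10.12.174.15:9200","http://10.12.174.16:9200","http://10.12.174.17:9200"]
    user => "logstash_internal"
    # The password is resolved from the Logstash keystore (bin/logstash-keystore add)
    # or the environment instead of being stored in this file; ES_PWD is a
    # placeholder key name — use whatever key you actually create.
    password => "${ES_PWD}"
    # Index lifecycle management: write to the rollover alias, Elasticsearch
    # manages rollover per the named policy.
    ilm_enabled => true
    ilm_rollover_alias => "simfony-syslog"
    ilm_policy => "simfony-syslog"
    ilm_pattern => "000001"
  }
}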