Re: CentOS 7 rsyslog and ELK




On Fri, 10 Jul 2020 at 16:33, Pete Biggs <pete@xxxxxxxxxxxx> wrote:
>
> I asked a similar question about a year ago and didn't get any answers.
> So I thought I'd try again.
>

Honestly, as much as I have heard of people using Elastic Kibana..
they are usually using it for things already in JSON. When I looked in
the past I either found someone wanting me to set up a 20 node cluster
to monitor logs or someone saying they had but nothing in it. I was
going to say I didn't know but decided to look again and I found this
article https://devconnected.com/monitoring-linux-logs-with-kibana-and-rsyslog/



> What do people do to get their syslog messages on CentOS 7 into a
> remote ELK stack.  I've tried lots of things involving rsyslog,
> filebeat, redis, logstash and so on in lots of different configurations
> but nothing really works.
>
> I can get rsyslog to talk directly to logstash (acting as a syslog
> server) but the messages don't have facility or severity codes in them
> which makes it considerably more difficult to manage the messages.
>

The section "b – Routing from rsyslog to Logstash" of the article
seems to cover a filter that needs to be added. You may have already
tried this.. but that is about all I can help with currently.

> P.
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
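
Added example, not part of the original messages or of the linked article: facility and severity travel in the `<PRI>` header of a forwarded syslog line (PRI = facility * 8 + severity), so a receiver can only recover them when the sender keeps that header. The sketch below decodes it and flags lines that arrive without it; the sample lines, tag names and output field names are constructed for illustration.

```python
import json
import re

# Short names as used by Linux syslog, indexed by the numeric codes of RFC 5424 section 6.2.1.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7"]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Optional "<PRI>" header, then the traditional BSD-syslog timestamp, host and tag.
LINE_RE = re.compile(
    r"^(?:<(?P<pri>\d{1,3})>)?"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$")

def decode_pri(pri):
    """Split a PRI value into (facility, severity): PRI = facility * 8 + severity."""
    if not 0 <= pri <= 191:
        raise ValueError(f"PRI out of range: {pri}")
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7]

def parse_line(line):
    """Turn one forwarded syslog line into a dict ready for JSON indexing."""
    m = LINE_RE.match(line)
    if m is None:
        return {"message": line, "tags": ["parse_failure"]}
    event = {"timestamp": m["ts"], "host": m["host"], "program": m["tag"],
             "pid": int(m["pid"]) if m["pid"] else None, "message": m["msg"]}
    if m["pri"] is None:
        # No PRI on the wire: facility and severity cannot be recovered downstream.
        event["tags"] = ["no_pri"]
        return event
    try:
        event["facility"], event["severity"] = decode_pri(int(m["pri"]))
    except ValueError:
        event["tags"] = ["bad_pri"]
    return event

# Constructed sample lines: one with a PRI header, one forwarded without it.
SAMPLES = [
    "<86>Jul 10 16:33:01 web01 sshd[2211]: Accepted publickey for deploy from 192.0.2.10",
    "Jul 10 16:33:02 web01 crond[901]: (root) CMD (run-parts /etc/cron.hourly)",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(json.dumps(parse_line(line)))
```

Lines tagged `no_pri` point at the sending side's forwarding format rather than at the receiver's parsing.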