I don't use ELK at the moment, but is this helpful?
% journalctl -f --output=json
The above command prints the continuous output of the systemd journal in
json format.
Jason
---------------------------------------------------------------------------
Jason Edgecombe | Linux Administrator
UNC Charlotte | Office of OneIT
9201 University City Blvd. | Charlotte, NC 28223-0001
Phone: 704-687-1943
jwedgeco@xxxxxxxx | http://engr.uncc.edu | Facebook
---------------------------------------------------------------------------
If you are not the intended recipient of this transmission or a person
responsible for delivering it to the intended recipient, any disclosure,
copying, distribution, or other use of any of the information in this
transmission is strictly prohibited. If you have received this transmission
in error, please notify me immediately by reply e-mail or by telephone at
704-687-1943. Thank you.
On Fri, Jul 10, 2020 at 4:33 PM Pete Biggs <pete@xxxxxxxxxxxx> wrote:
> I asked a similar question about a year ago and didn't get any answers.
> So I thought I'd try again.
>
> What do people do to get their syslog messages on CentOS 7 into a
> remote ELK stack. I've tried lots of things involving rsyslog,
> filebeat, redis, logstash and so on in lots of different configurations
> but nothing really works.
>
> I can get rsyslog to talk directly to logstash (acting as a syslog
> server) but the messages don't have facility or severity codes in them
> which makes it considerably more difficult to manage the messages.
>
> P.
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
