Logstash input configuration: the syslog type explained

Purpose
Monitor syslog to keep track of how the system is running.
Configuration example
input {
    syslog {
        port => 5000
        type => "demo-syslog"
    }
}

output {
    stdout {
        codec => rubydebug
    }
}


Start
bin/logstash -f /etc/logstash/conf.d/demo-input-syslog.conf

Test
telnet localhost 5000
Result
{
          "severity" => 0,
        "@timestamp" => 2017-06-12T09:41:46.655Z,
          "@version" => "1",
              "host" => "127.0.0.1",
           "message" => "heloooooooo\r\n",
              "type" => "demo-syslog",
          "priority" => 0,
          "facility" => 0,
    "severity_label" => "Emergency",
              "tags" => [
        [0] "_grokparsefailure_sysloginput"
    ],
    "facility_label" => "kernel"
}
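
The line typed into telnet carried no syslog `<PRI>` header, which is why the result above is tagged `_grokparsefailure_sysloginput` and shows priority 0 (kernel / Emergency), a value that would mislead any alert keyed on severity. The following is an added example, not part of the original post: it builds an RFC 3164 line with a real priority and sends it to the same port 5000; the host name `demo-host`, the tag `sshd` and the message text are constructed sample values.

```python
import re
import socket
import time

# Severity names from RFC 3164, indexed by severity number.
SEVERITY_LABELS = ["Emergency", "Alert", "Critical", "Error",
                   "Warning", "Notice", "Informational", "Debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")

def encode_pri(facility, severity):
    """RFC 3164: PRI = facility * 8 + severity."""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    return facility * 8 + severity

def decode_pri(line):
    """Return (facility, severity, label), or None when the line has no valid <PRI>."""
    m = PRI_RE.match(line)
    if m is None or int(m.group(1)) > 191:
        return None
    pri = int(m.group(1))
    return pri >> 3, pri & 7, SEVERITY_LABELS[pri & 7]

def build_message(facility, severity, hostname, tag, text, when=None):
    """Format one RFC 3164 line: <PRI>Mmm dd hh:mm:ss host tag: text"""
    t = time.localtime(when)
    # RFC 3164 pads a single-digit day with a space, not a zero.
    stamp = time.strftime("%b", t) + " %2d " % t.tm_mday + time.strftime("%H:%M:%S", t)
    return "<%d>%s %s %s: %s\n" % (encode_pri(facility, severity),
                                   stamp, hostname, tag, text)

def send(line, host="localhost", port=5000):
    """Send one line over TCP to the syslog input configured above."""
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(line.encode("utf-8"))

if __name__ == "__main__":
    # Facility 4 (security/authorization), severity 6 (Informational) -> <38>
    msg = build_message(4, 6, "demo-host", "sshd", "constructed test message")
    print(decode_pri(msg), repr(msg))
    print(decode_pri("heloooooooo\r\n"))  # the telnet line: no header
    try:
        send(msg)
    except OSError as exc:
        print("Logstash not reachable on localhost:5000:", exc)
```

With a line in this form, the rubydebug output should show the priority, facility and severity taken from the header instead of the parse-failure tag.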


