- boundary
- csv
- circonus
- cloudwatch
- datadog
- datadog_metrics
- elasticsearch
- exec
- file
- graphtastic
- ganglia
- graphite
- google_bigquery
- google_cloud_storage
- gelf
- http
- hipchat
- irc
- influxdb
- jira
- juggernaut
- kafka
- loggly
- librato
- lumberjack
- mongodb
- metriccatcher
- nagios
- nagios_nsca
- null
- opentsdb
- pagerduty
- pipe
- rackspace
- riak
- riemann
- redis
- redmine
- rabbitmq
- solr_http
- sns
- syslog
- stomp
- statsd
- stdout
- sqs
- s3
- tcp
- udp
- websocket
- xmpp
- zabbix
- zeromq
Send events to a syslog server.
You can send messages compliant with RFC3164 or RFC5424 UDP or TCP syslog transport is supported
This plugin supports the following configuration options:
Required configuration options:
syslog { facility => ... host => ... port => ... severity => ... }
Available configuration options:
Setting | Input type | Required | Default value |
---|---|---|---|
No |
| ||
No |
| ||
string, one of | Yes | ||
Yes | |||
No |
| ||
Yes | |||
No |
| ||
string, one of | No |
| |
string, one of | No |
| |
string, one of | Yes | ||
No |
| ||
No |
|
- Value type is codec
-
Default value is
"plain"
The codec used for output data. Output codecs are a convenient method for encoding your data before it leaves the output, without needing a separate filter in your Logstash pipeline.
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is array
-
Default value is
[]
Only handle events without any of these tags. Note this check is additional to type and tags.
- This is a required setting.
-
Value can be any of:
kernel
,user-level
,mail
,daemon
,security/authorization
,syslogd
,line printer
,network news
,uucp
,clock
,security/authorization
,ftp
,ntp
,log audit
,log alert
,clock
,local0
,local1
,local2
,local3
,local4
,local5
,local6
,local7
- There is no default value for this setting.
facility label for syslog message
- This is a required setting.
- Value type is string
- There is no default value for this setting.
syslog server address to connect to
- This is a required setting.
- Value type is number
- There is no default value for this setting.
syslog server port to connect to
-
Value can be any of:
tcp
,udp
-
Default value is
"udp"
syslog server protocol. you can choose between udp and tcp
-
Value can be any of:
rfc3164
,rfc5424
-
Default value is
"rfc3164"
syslog message format: you can choose between rfc3164 or rfc5424
- This is a required setting.
-
Value can be any of:
emergency
,alert
,critical
,error
,warning
,notice
,informational
,debug
- There is no default value for this setting.
severity label for syslog message
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is array
-
Default value is
[]
Only handle events with all of these tags. Note that if you specify a type, the event must also match that type. Optional.
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is string
-
Default value is
"%{@timestamp}"
timestamp for syslog message
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is string
-
Default value is
""
The type to act on. If a type is given, then this output will only
act on messages with the same type. See any input plugin’s type
attribute for more.
Optional.
- Value type is number
-
Default value is
1
The number of workers to use for this output. Note that this setting may not be useful for all outputs.