- boundary
- csv
- circonus
- cloudwatch
- datadog
- datadog_metrics
- elasticsearch
- exec
- file
- graphtastic
- ganglia
- graphite
- google_bigquery
- google_cloud_storage
- gelf
- http
- hipchat
- irc
- influxdb
- jira
- juggernaut
- kafka
- loggly
- librato
- lumberjack
- mongodb
- metriccatcher
- nagios
- nagios_nsca
- null
- opentsdb
- pagerduty
- pipe
- rackspace
- riak
- riemann
- redis
- redmine
- rabbitmq
- solr_http
- sns
- syslog
- stomp
- statsd
- stdout
- sqs
- s3
- tcp
- udp
- websocket
- xmpp
- zabbix
- zeromq
Send events to a syslog server.
You can send messages compliant with RFC3164 or RFC5424 UDP or TCP syslog transport is supported
This plugin supports the following configuration options:
Required configuration options:
syslog {
facility => ...
host => ...
port => ...
severity => ...
}Available configuration options:
| Setting | Input type | Required | Default value |
|---|---|---|---|
No |
| ||
No |
| ||
string, one of | Yes | ||
Yes | |||
No |
| ||
Yes | |||
No |
| ||
string, one of | No |
| |
string, one of | No |
| |
string, one of | Yes | ||
No |
| ||
No |
|
- Value type is codec
-
Default value is
"plain"
The codec used for output data. Output codecs are a convenient method for encoding your data before it leaves the output, without needing a separate filter in your Logstash pipeline.
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is array
-
Default value is
[]
Only handle events without any of these tags. Note this check is additional to type and tags.
- This is a required setting.
-
Value can be any of:
kernel,user-level,mail,daemon,security/authorization,syslogd,line printer,network news,uucp,clock,security/authorization,ftp,ntp,log audit,log alert,clock,local0,local1,local2,local3,local4,local5,local6,local7 - There is no default value for this setting.
facility label for syslog message
- This is a required setting.
- Value type is string
- There is no default value for this setting.
syslog server address to connect to
- This is a required setting.
- Value type is number
- There is no default value for this setting.
syslog server port to connect to
-
Value can be any of:
tcp,udp -
Default value is
"udp"
syslog server protocol. you can choose between udp and tcp
-
Value can be any of:
rfc3164,rfc5424 -
Default value is
"rfc3164"
syslog message format: you can choose between rfc3164 or rfc5424
- This is a required setting.
-
Value can be any of:
emergency,alert,critical,error,warning,notice,informational,debug - There is no default value for this setting.
severity label for syslog message
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is array
-
Default value is
[]
Only handle events with all of these tags. Note that if you specify a type, the event must also match that type. Optional.
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is string
-
Default value is
"%{@timestamp}"
timestamp for syslog message
- DEPRECATED WARNING: This configuration item is deprecated and may not be available in future versions.
- Value type is string
-
Default value is
""
The type to act on. If a type is given, then this output will only
act on messages with the same type. See any input plugin’s type
attribute for more.
Optional.
- Value type is number
-
Default value is
1
The number of workers to use for this output. Note that this setting may not be useful for all outputs.