配置文件:/etc/logstash/conf.d/logstash-indexer.conf
input {
#file {
# path => [ "/var/log/*.log", "/var/log/messages", "/var/log/syslog" ]
# type => "syslog"
#}
#redis {
# host => "192.168.10.1"
# type => "redis-input"
# data_type => "list"
# key => "logstash"
#}
tcp {
port => "1514"
type => "syslog"
}
udp {
port => "1514"
type => "syslog"
}
}
output {
elasticsearch { hosts => ["localhost:9200"] }
}
客户端rsyslog配置
编辑/etc/rsyslog.conf文件,最后面添加以下行:
.* @@192.168.22.205:1514
重启rsyslog:
service rsyslog restart
测试:
logger -p info "hello, rsyslog"
查看kibana是否有相关日志。
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
