I asked a similar question about a year ago and didn't get any answers. So I thought I'd try again.
What do people do to get their syslog messages on CentOS 7 into a remote ELK stack? I've tried lots of things involving rsyslog, filebeat, redis, logstash and so on in lots of different configurations, but nothing really works.
I can get rsyslog to talk directly to logstash (acting as a syslog server), but the messages don't have facility or severity codes in them, which makes it considerably more difficult to manage the messages.
P.