I asked a similar question about a year ago and didn't get any answers. So I thought I'd try again. What do people do to get their syslog messages on CentOS 7 into a remote ELK stack. I've tried lots of things involving rsyslog, filebeat, redis, logstash and so on in lots of different configurations but nothing really works. I can get rsyslog to talk directly to logstash (acting as a syslog server) but the messages don't have facility or severity codes in them which makes it considerably more difficult to manage the messages. P.