TELEMETRY PIPELINE
Syslog

Syslog source plugin

The Syslog source plugin can collect messages through a Unix socket server using UDP or TCP, or over the network using TCP or UDP. This lets you configure Chronosphere Telemetry Pipeline to receive, parse, and process Syslog messages.

Supported telemetry types

This plugin supports these telemetry types:

LogsMetricsTraces

Configuration parameters

Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.

Required

NameKeyDescriptionDefault
PortportRequired. The TCP port used for listening for incoming messages.5140
ParserparserSpecifies an alternative parser for the message. If Mode is set to tcp or udp, the default parser is syslog-rfc5424, otherwise syslog-rfc3164-local is used. If your syslog messages have fractional seconds, set this value to syslog-rfc5424 instead. If you have a custom parser, use Advanced Settings to designate the parser.none
ModemodeThe protocol to use. Accepted values: tcp, udp.tcp

Advanced

NameKeyDescriptionDefault
Buffer Max Sizebuffer_max_sizeSpecifies the maximum buffer size in KB to receive a JSON message.none
Buffer Chunk Sizebuffer_chunk_sizeSets the chunk size for incoming JSON messages. Chunks are stored and managed in the space available by buffer_max_size.none

Security and TLS

NameKeyDescriptionDefault
TLStlsEnables or disables TLS/SSL support. Accepted values: true, false.false
TLS Certificate Validationtls.verifyEnables or disables TLS/SSL certificate validation. TLS must be enabled for certificates to be validated. Accepted values: off, on.on
TLS Debug Leveltls.debugSets TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose).1
CA Certificate File Pathtls.ca_fileAbsolute path to CA certificate file.none
Certificate File Pathtls.crt_fileAbsolute path to certificate file.none
Private Key File Pathtls.key_fileAbsolute path to private key file.none
Private Key Path Passwordtls.key_passwdPassword for private key file.none
TLS SNI Hostname Extensiontls.vhostHostname to be used for TLS SNI extension.none