Syslog source plugin
Syslog is a standard protocol used for message logging and management in Unix and Unix-like systems. It is widely used for system monitoring, debugging, and troubleshooting.
The Syslog source plugin can collect messages through a Unix socket server using UDP or TCP, or over the network using TCP or UDP. It provides a flexible and customizable way to configure your Calyptia Core pipeline to receive, parse, and process Syslog messages.
Configuration parameters
The Syslog source plugin provides these configuration parameters.
General
| Key | Description |
|---|---|
| Port | TCP port used for listening for incoming messages. |
| Parser | Specify an alternative parser for the message. If Mode is set to tcp or udp then the default parser is syslog-rfc5424 otherwise syslog-rfc3164-local is used. If your syslog messages have fractional seconds, set this value to syslog-rfc5424 instead. If you have a custom parser, use Advanced Settings to designate the parser. |
| Mode | Specify UDP or TCP. |
Advanced
| Key | Description |
|---|---|
| Buffer Max Size | Specify the maximum buffer size in KB to receive a JSON message. |
| Buffer Chunk Size | Sets the chunk size for incoming JSON messages. Chunks are stored and managed in the space available by buffer_max_size. |
Security and TLS
| Key | Description |
|---|---|
| TLS | Enable or disable TLS/SSL support. |
| TLS Certificate Validation | Turn TLS/SSL certificate validation on or off. TLS must be on for this setting to be enabled. |
| TLS Debug Level | Set TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose). |
| CA Certificate File Path | Absolute path to CA certificate file. |
| Certificate File Path | Absolute path to certificate file. |
| Private key File Path | Absolute path to private key file. |
| Private Key Path Password | Optional password for tls.key_file file. |
| TLS SNI Hostname Extension | Hostname to be used for TLS SNI extension. |