Syslog over HTTP

Description

You can send Syslog events and data to Mezmo Pipelines through an HTTP endpoint.

The default syslog port is unavailable due to the lack of inherent security. HTTP forwarding is now a common practice for syslog via TLS to protect from packet sniffing and plain text transmission.

Configuration

Use the standard HTTP endpoint for the configuration. Ensure that the encoding matches the configuration of your source.

You must use a discrete parsing processor after the source in order to properly ingest the data and make it accessible to subsequent processors in a pipeline.

This example of an rsyslog configuration illustrates using a defined template to allow inclusion of the API key with the omhttp output module documented here.

Bash
Copy
OptionDescription
Decoding MethodThe decoding method to use to convert frames to data events.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
  Last updated