ingestor_syslog job from logsearch/17

Github source: 9d9993c3 or master branch

Properties¶

archiver¶

enabled¶

Default

false

elasticsearch¶

flush_size¶

Redis queue flush size

Default

100

host¶

IP / DNS of elasticsearch http endpoint

port¶

Port of elasticsearch http endpoint

Default

9200

logstash¶

metadata_level¶

Whether to include additional metadata throughout the event lifecycle. NONE = disabled, DEBUG = fully enabled

Default

NONE

logstash_ingestor¶

debug¶

Debug level logging

Default

false

syslog¶

port¶

Port to listen for syslog messages

Default

5514

syslog_tls¶

port¶

Port to listen for syslog-TLS messages (omit to disable)

ssl_cert¶

Syslog-TLS SSL certificate (file contents, not a path) - required if logstash_ingestor.syslog_tls.port set

ssl_key¶

Syslog-TLS SSL key (file contents, not a path) - required if logstash_ingestor.syslog_tls.port set

redis¶

host¶

Redis host of queue

key¶

Name of queue to pull messages from

Default

logstash

port¶

Redis port of queue

Default

6379

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/ingestor_syslog/ directory (learn more).

• bin/ingestor_syslog_ctl (from bin/ingestor_syslog_ctl)
• bin/monit_debugger (from bin/monit_debugger)
• config/syslog_tls.crt (from config/syslog_tls.crt.erb)
• config/syslog_tls.key (from config/syslog_tls.key.erb)
• config/syslog_to_redis.conf (from config/syslog_to_redis.conf.erb)
• data/properties.sh (from data/properties.sh.erb)
• helpers/ctl_setup.sh (from helpers/ctl_setup.sh)
• helpers/ctl_utils.sh (from helpers/ctl_utils.sh)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• java7
• logstash