<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">At the moment I am focused on
winlogbeats. The latest releases of winlogbeats don't have a
streaming json output. This means that the json parser will not
accept the raw data.<br>
<br>
I will also want to use filebeat as well.<br>
<br>
I would be happy with a way for syslog-ng to consume any of the
output formats of the Elastic Beats family. The list is<br>
<br>
Elasticsearch<br>
Logstash<br>
Kafka<br>
Redis<br>
<br>
<br>
My understanding is that Logstash is really the lumberjack
protocol version 2. <br>
<br>
I think that the only 2 realistic formats for consumption by
syslog-ng would be Logstash or Kafka. The Elasticsearch protocol
is over http(s) which is not a good fit for syslog-ng input.<br>
<br>
Evan.<br>
<br>
On 01/10/2018 09:43 PM, Laszlo Budai wrote:<br>
</div>
<blockquote type="cite"
cite="mid:HE1PR0602MB2747B7CF228B8F8C0E37C1B78E160@HE1PR0602MB2747.eurprd06.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta content="text/html; charset=utf-8">
<div id="compose-container" itemscope=""
itemtype="https://schema.org/EmailMessage" style="direction:ltr">
<span itemprop="creator" itemscope=""
itemtype="https://schema.org/Organization"><span
itemprop="name"></span></span>
<div>
<div>
<div style="direction:ltr">Hi,</div>
<div><br>
</div>
<div style="direction:ltr">you mean Elastic Beats? Could you
share your use case in more details(what kind of beats you
would like to use, and so on)?
</div>
<div><br>
</div>
<div style="direction:ltr">regards,</div>
<div style="direction:ltr">Laszlo Budai</div>
</div>
<div><br>
</div>
<div class="acompli_signature">Get <a
href="https://aka.ms/o0ukef" moz-do-not-send="true">Outlook
for iOS</a></div>
</div>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt"
color="#000000" face="Calibri, sans-serif"><b>From:</b>
syslog-ng <a class="moz-txt-link-rfc2396E" href="mailto:syslog-ng-bounces@lists.balabit.hu"><syslog-ng-bounces@lists.balabit.hu></a> on behalf
of Scot <a class="moz-txt-link-rfc2396E" href="mailto:scotrn@gmail.com"><scotrn@gmail.com></a><br>
<b>Sent:</b> Thursday, January 11, 2018 2:47:52 AM<br>
<b>To:</b> Syslog-ng users' and developers' mailing list<br>
<b>Subject:</b> Re: [syslog-ng] Anyone sourcing from beats</font>
<div> </div>
</div>
<div>
<div dir="ltr">Posted in thread.
<div>
<h2 id="gmail-:5hm" class="gmail-hP" tabindex="-1"
style="font-style:normal; font-family:arial,sans-serif">
<span style="font-weight:normal">Re: Re: [syslog-ng]
Syslog-ng input for <span class="gmail-il">beats</span> ?
[SUMMARY01]</span></h2>
<span id="gmail-:5hn" class="gmail-J-J5-Ji"
style="font-size:17.6px">
<div class="gmail-pG" id="gmail-:5i2"
style="padding-top:0px; padding-right:7px;
padding-left:10px; margin-right:13px;
display:inline-block">
</div>
</span></div>
<div><span class="gmail-J-J5-Ji" style="font-size:17.6px"><br>
</span></div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Jan 10, 2018 at 4:42 PM, Evan
Rempel <span dir="ltr">
<<a href="mailto:erempel@uvic.ca" target="_blank"
moz-do-not-send="true">erempel@uvic.ca</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;
border-left:1px #ccc solid; padding-left:1ex">
Looking for a clean way to get beats products to send data
to syslog-ng.<br>
<br>
Does anyone have a working example?<span class="HOEnZb"><font
color="#888888"><br>
<br>
-- <br>
Evan<br>
</font></span></blockquote>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>