[syslog-ng] SUMO Logic Integration
Scot
scotrn at gmail.com
Thu Jan 25 19:35:38 UTC 2018
Hi all,
Thought I had asked already but I don't see it, so sorry if it's a repost.
I now have the need to switch all my syslog-ng -> SPLUNK feeds over to
SUMO. Including json/beats going through syslog-ng :(
Sumo supports a syslog tcp/udp collection, I set up an "Installed Collector"
local to the environment. Seems to work fine until you need to match
categories in sumo.
The sumo config seems to be pretty limited per instance so looking at
spinning up multiple instances of sumo just to support Category mapping.
Not happy with the product.
Anyone working with syslog-ng and SUMO who would like to collaborate?
Scot