• Is there a way to configure syslog to not split long log messages?

    Vitaly Karasik
    For now Sophos UTM syslog splits long log messages. Is there a way to configure syslog to not split long log messages? I'm shipping Sophos logs to my logstash server, which sends them to Elastic. I'd prefer not to deal with multi-line message parsing…
    • Answered
    • over 7 years ago
    • UTM Firewall
    • Management, Networking, Logging and Reporting
  • ipfix.yaml file for UTM export of IPFIX flows to Logstash?

    korgull
    From /etc/logstash/conf.d/central.conf: input { type => "ipfix" } tcp { port => 4739 codec => netflow { versions => [10] target => ipfix } type => "ipfix" } } # end of input output { if [type] == "ipfix" { elasticsearch { index => "ipfix_logs-%{+YYYY…
    • over 7 years ago
    • UTM Firewall
    • Management, Networking, Logging and Reporting
  • UTM Remote logging to Logstash/Elasticsearch ELK

    bblank
    Posting this here if anyone wants to point their UTM logs to a remote logstash/elasticsearch instance. This is a working sample logstash.conf file. I pointed my remote logging to my logstash server on port 5140. This works for all of the UTM log types…
    • over 8 years ago
    • UTM Firewall
    • Management, Networking, Logging and Reporting