Syslog source plugin
The Syslog source plugin
(name: syslog) can collect messages through a Unix socket server using UDP or
TCP, or over the network using TCP or UDP. This lets you configure your
telemetry pipeline to receive, parse, and process Syslog messages.
This is a push-based source plugin.
Supported telemetry types
This plugin for Chronosphere Telemetry Pipeline supports these telemetry types:
| Logs | Metrics | Traces |
|---|---|---|
Configuration parameters
Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.
Required
| Name | Key | Description | Default |
|---|---|---|---|
| Port | port | Required. The TCP port used for listening for incoming messages. | 5140 |
| Parser | parser | Specifies an alternative parser for the message. If Mode is set to tcp or udp, the default parser is syslog-rfc5424, otherwise syslog-rfc3164-local is used. If your syslog messages have fractional seconds, set this value to syslog-rfc5424 instead. If you have a custom parser, use Advanced Settings to designate the parser. | none |
| Mode | mode | The protocol to use. Accepted values: tcp, udp. | tcp |
Advanced
| Name | Key | Description | Default |
|---|---|---|---|
| Buffer Max Size | buffer_max_size | Sets the maximum chunk (opens in a new tab) size for buffered data. If a single record exceeds this size, the plugin drops that record. | none |
| Buffer Chunk Size | buffer_chunk_size | Sets the default chunk (opens in a new tab) size for buffered data. If a single record exceeds this size, the plugin temporarily increases the chunk size up to the value of buffer_max_size to accommodate it. | none |
| Memory Buffer Limit | mem_buf_limit | For pipelines with the Deployment or DaemonSet workload type only. Sets a limit for how much buffered data the plugin can write to memory, which affects backpressure. This value must follow Fluent Bit’s rules for unit sizes (opens in a new tab). If unspecified, no limit is enforced. | none |
Security and TLS
| Name | Key | Description | Default |
|---|---|---|---|
| TLS | tls | If true, enables TLS/SSL. If false, disables TLS/SSL. Accepted values: true, false. | false |
| TLS Certificate Validation | tls.verify | If on, and if tls is true, enables TLS/SSL certificate validation. If off, disables TLS/SSL certificate validation. Accepted values: on, off. | on |
| TLS Debug Level | tls.debug | Sets TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose). | 1 |
| CA Certificate File Path | tls.ca_file | Absolute path to CA certificate file. | none |
| Certificate File Path | tls.crt_file | Absolute path to certificate file. | none |
| Private Key File Path | tls.key_file | Absolute path to private key file. | none |
| Private Key Path Password | tls.key_passwd | Password for private key file. | none |
| TLS SNI Hostname Extension | tls.vhost | Hostname to be used for TLS SNI extension. | none |