How to convert syslog to json in syslog server on freeBSD8.3 OS

Question

I am using FreeBSD 8.3 and syslog server is running on it. now i have configured my syslog server to send logs to remote server by simply adding these lines in /etc/syslog.conf file

*.notice;kern.debug;lpr.info;mail.crit;                         @10.10.1.254
news.err;local0.none;local3.none;local7.none                    @10.10.1.254
security.*                                                      @10.10.1.254
auth.info;authpriv.info;daemon.info                             @10.10.1.254
*.emerg                                                         @10.10.1.254

where 10.10.1.254 is my remote host IP address, it's sending the logs to remote host on UDP, but I want to send logs in JSON format and on TCP. Is it possible?

This sounds like an XY problem, now what is it you are really trying to achieve? — HBruijn, Jul 09 '14 at 11:29

score 1 · Answer 1 · answered Jul 09 '14 at 11:43

1

I wouldn't. That's not what syslog is for.

What I would suggest instead is to have a look at logstash - which is a tool for parsing syslogs and aggregating them to a database in JSON format.

answered Jul 09 '14 at 11:43

Sobrique

3,747
2
15
36

How to convert syslog to json in syslog server on freeBSD8.3 OS

1 Answers1