Fluent Bit: Official Manual
Fluent Bit: Official Manual
Fluent Bit v1.8 Documentation
About
What is Fluent Bit ?
A Brief History of Fluent Bit
Fluentd & Fluent Bit
License
Concepts
Key Concepts
Buffering
Data Pipeline
Installation
Getting Started with Fluent Bit
Upgrade Notes
Supported Platforms
Requirements
Sources
Linux Packages
Docker
Containers on AWS
Amazon EC2
Kubernetes
Yocto / Embedded Linux
Windows
Administration
Configuring Fluent Bit
Security
Buffering & Storage
Backpressure
Scheduling and Retries
Networking
Memory Management
Monitoring
Dump Internals / Signal
HTTP Proxy
Local Testing
Validating your Data and Structure
Running a Logging Pipeline Locally
Data Pipeline
Pipeline Monitoring
Inputs
Parsers
Filters
Outputs
Prometheus Exporter
Prometheus Remote Write
Amazon CloudWatch
Amazon Kinesis Data Firehose
Amazon Kinesis Data Streams
Amazon S3
Azure Log Analytics
Azure Blob
Google Cloud BigQuery
Counter
Datadog
Elasticsearch
File
FlowCounter
Forward
GELF
HTTP
InfluxDB
Kafka
Kafka REST Proxy
LogDNA
Loki
NATS
New Relic
NULL
PostgreSQL
Slack
Stackdriver
Standard Output
Splunk
Syslog
TCP & TLS
Treasure Data
WebSocket
Stream Processing
Introduction to Stream Processing
Overview
Changelog
Getting Started
Fluent Bit for Developers
C Library API
Ingest Records Manually
Golang Output Plugins
Developer guide for beginners on contributing to Fluent Bit
Powered by GitBook

Syslog

The Syslog output plugin allows you to deliver messages to Syslog servers, it supports RFC3164 and RFC5424 formats through different transports such as UDP, TCP or TLS.

As of Fluent Bit v1.5.3, the configuration is very strict in terms that you must be aware about the structure of your original record, so you can configure the plugin to use specific keys to compose your outgoing Syslog message.

Future versions of Fluent Bit are expanding this plugin feature set to support better handling of keys and message composing.

Configuration Parameters

Key

Description

Default

host

Domain or IP address of the remote Syslog server.

127.0.0.1

port

TCP or UDP port of the remote Syslog server.

514

mode

Set the desired transport type, the available options are tcp, tls and udp.

udp

syslog_format

Specify the Syslog protocol format to use, the available options are rfc3164 and rfc5424.

rfc5424

syslog_maxsize

Set the maximum size allowed per message. The value must be only integers representing the number of bytes allowed. If no value is provided, the default size is set depending of the protocol version specified by syslog_format , rfc3164 sets max size to 1024 bytes, while rfc5424 sets the size to 2048 bytes.

​

syslog_severity_key

Specify the name of the key from the original record that contains the Syslog severity number. This configuration is optional.

​

syslog_facility_key

Specify the name of the key from the original record that contains the Syslog facility number. This configuration is optional.

​

syslog_hostname_key

Specify the key name from the original record that contains the hostname that generated the message. This configuration is optional.

​

syslog_appname_key

Specify the key name from the original record that contains the application name that generated the message. This configuration is optional.

​

syslog_procid_key

Specify the key name from the original record that contains the Process ID that generated the message. This configuration is optional.

​

syslog_msgid_key

Specify the key name from the original record that contains the Message ID associated to the message. This configuration is optional.

​

syslog_sd_key

Specify the key name from the original record that contains the Structured Data (SD) content. This configuration is optional.

​

syslog_message_key

Specify the key name that contains the message to deliver. Note that if this property is mandatory, otherwise the message will be empty

​

Configuration File

Get started quickly with this configuration file:

[OUTPUT]
    name                 syslog
    match                *
    host                 syslog.yourserver.com
    port                 514
    mode                 udp
    syslog_format        rfc5424
    syslog_maxsize       2048
    syslog_severity_key  severity
    syslog_facility_key  facility
    syslog_hostname_key  hostname
    syslog_appname_key   appname
    syslog_procid_key    procid
    syslog_msgid_key     msgid
    syslog_sd_key        sd
    syslog_message_key   message
Previous
Splunk
Next
TCP & TLS
Last updated 1 year ago
Edit on GitHub
Contents
Configuration Parameters
Configuration File