syslogd
With plain syslogd, you can send logs to Sematext Logs Management App via UDP if you add this line to your /etc/syslog.conf:
Before you restart syslogd, register your public IP. If you're behind a NAT or registering IPs doesn't suit your use-case, there are other options:
- if you just want to test sending a few logs to Logs Management App, you can use your application token in a CEE-formatted JSON message. For example:
- change your syslog daemon from syslogd to rsyslog or syslog-ng or anything else that lets you format your messages, so you can build a JSON containing your Logs Management application token like the one above
- similar to the solution above, you can use a separate machine for consolidating your logs, where you'd install rsyslog or syslog-ng. Configure that machine to send logs to Logs Management App, and configure your syslogd to send logs to your logs to your "central" rsyslog/syslog-ng via UDP:
If your central machine is running syslog-ng, you'll have to add an udp() option to your source() statement in /etc/syslog-ng/syslog-ng.conf:
If your central machine is running rsyslog, you'll have to load the UDP input module and run it on the standard port 514: