This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name the components on this agent | |
| agent1.sources = syslog1 | |
| agent1.sinks = logger1 | |
| agent1.channels = memory1 | |
| # | |
| agent1.sources.syslog1.type = syslogudp | |
| agent1.sources.syslog1.port = 11111 | |
| agent1.sources.syslog1.host = 0.0.0.0 | |
| agent1.sources.syslog1.channels = memory1 | |
| # Describe the sink | |
| agent1.sinks.logger1.type = logger | |
| # Use a channel which buffers events in memory | |
| agent1.channels.memory1.type = memory | |
| agent1.channels.memory1.capacity = 1000 | |
| agent1.channels.memory1.transactionCapacity = 100 | |
| # Bind the source and sink to the channel | |
| agent1.sources.syslog1.channels = memory1 | |
| agent1.sinks.logger1.channel = memory1 |
bin/flume-ng agent --conf conf --conf-file conf/flumesyslogudp.properties --name agent1
-Dflume.root.logger=DEBUG,console
syslogtcp instead of syslogudp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Name the components on this agent | |
| agent1.sources = syslog1 | |
| agent1.sinks = logger1 | |
| agent1.channels = memory1 | |
| # | |
| agent1.sources.syslog1.type = syslogtcp | |
| agent1.sources.syslog1.port = 11111 | |
| agent1.sources.syslog1.host = 0.0.0.0 | |
| agent1.sources.syslog1.channels = memory1 | |
| # Describe the sink | |
| agent1.sinks.logger1.type = logger | |
| # Use a channel which buffers events in memory | |
| agent1.channels.memory1.type = memory | |
| agent1.channels.memory1.capacity = 1000 | |
| agent1.channels.memory1.transactionCapacity = 100 | |
| # Bind the source and sink to the channel | |
| agent1.sources.syslog1.channels = memory1 | |
| agent1.sinks.logger1.channel = memory1 |
bin/flume-ng agent --conf conf --conf-file conf/flumesyslogtcp.properties --name agent1
-Dflume.root.logger=DEBUG,console
2 comments:
I really appreciate information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in IBM QRADAR SIEM , kindly contact us http://www.maxmunus.com/contact
MaxMunus Offer World Class Virtual Instructor led training On IBM QRADAR SIEM. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 100000+ trainings in India, USA, UK, Australlia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain and UAE etc.
For Demo Contact us.
Saurabh Srivastava
MaxMunus
E-mail: saurabh@maxmunus.com
Skype id: saurabhmaxmunus
Ph:+91 8553576305 / 080 - 41103383
http://www.maxmunus.com/
Thanks for info....
Website development in Bangalore
Post a Comment