Sending logs to remote syslog collector #1762
-
|
Hello, I modified suricata logstash output pipeline under /opt/so/conf/logstash/pipelines/search to add syslog output The problem is that after I restart the service using so-logstash-restart, my modifications get deleted and no changes saved I am just trying to send suricata logs to a syslog collector |
Beta Was this translation helpful? Give feedback.
Answered by
weslambert
Nov 2, 2020
Replies: 1 comment
-
|
You need to modify in /opt/so/saltstack/local/salt/logstash/....... for it to be persistent. Any custom modifications should go in |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
dougburks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
You need to modify in /opt/so/saltstack/local/salt/logstash/....... for it to be persistent. Any custom modifications should go in
/opt/so/saltstack/local.