syslog
Receive syslog packets in real-time for a specified time window.
syslog window=TIME_SPAN
- window=TIME_SPAN
- Receive syslog messages in real time for the specified duration. Specify the duration with a time unit: s (second), m (minute), h (hour), d (day), or mon (month). For example, 10s means real-time data is received until a 10-second timeout.
Output Fields
| Field | Type | Name | Description | 
|---|---|---|---|
| _time | Date | Time | Received time. | 
| syslog_ip | IP address | IP | Remote host IP address. | 
| syslog_port | Integer | Port | Local port where syslog was received. | 
| severity | Integer | Severity | Syslog severity level. | 
| facility | Integer | Facility | Syslog facility code. | 
| line | String | Message | Syslog message contents. | 
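
The integer `severity` and `facility` fields can be read against the standard syslog PRI encoding (PRI = facility × 8 + severity, RFC 5424). The following is an added example, not code from this product: it decodes raw datagrams into those two values and keeps only auth/authpriv messages at severity 3 (err) or more urgent. It assumes the fields carry the standard syslog values; the function names and the sample datagrams are constructed for illustration, and whether the product's `line` field includes the syslog header is not stated on this page.

```python
import re

# Severity and facility names in RFC 5424 numeric order.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3",
              "local4", "local5", "local6", "local7"]

PRI_RE = re.compile(rb"^<(\d{1,3})>")


def decode(datagram):
    """Split a raw syslog datagram into facility, severity and message text.

    Returns None when the PRI header is missing or outside 0..191, so that
    malformed or spoofed input is dropped instead of indexing out of range.
    """
    m = PRI_RE.match(datagram)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:
        return None
    facility, severity = divmod(pri, 8)
    return {"facility": facility, "severity": severity,
            "facility_name": FACILITIES[facility],
            "severity_name": SEVERITIES[severity],
            "line": datagram[m.end():].decode("utf-8", errors="replace")}


def urgent_auth(records, max_severity=3):
    """Keep auth (4) and authpriv (10) records at or below max_severity.

    Lower severity numbers are more urgent: 0 is emerg, 7 is debug.
    """
    return [r for r in records
            if r["facility"] in (4, 10) and r["severity"] <= max_severity]


# Constructed sample datagrams (hypothetical, not captured from a real host).
SAMPLES = [
    b"<34>Oct 11 22:14:15 host1 su: 'su root' failed for user1 on /dev/pts/8",
    b"<86>Oct 11 22:14:20 host1 sshd[411]: session opened for user user1",
    b"<13>Oct 11 22:14:21 host1 app: heartbeat",
    b"no priority header",
    b"<999>out of range",
]

if __name__ == "__main__":
    decoded = [d for d in map(decode, SAMPLES) if d]
    for r in urgent_auth(decoded):
        print(r["facility_name"], r["severity_name"], r["line"])
```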
