We have an application deployed on an AWS EKS cluster, which has a requirement of sending the application error messages to a syslog server.
Our default log shipper is Fluent Bit, deployed as a DaemonSet in the AWS EKS cluster.
Going over the official documentation of Fluent Bit, there is an option for a Syslog input, which allows collecting Syslog messages through a Unix socket server (UDP or TCP) or over the network using TCP or UDP.
But looking over the example in the official documentation:
[SERVICE]
    Flush               1
    Log_Level           info
    Parsers_File        parsers.conf

[INPUT]
    Name                syslog
    Path                /tmp/in_syslog
    Buffer_Chunk_Size   32000
    Buffer_Max_Size     64000
    Receive_Buffer_Size 512000

[OUTPUT]
    Name                stdout
    Match               *
It seems that Fluent Bit can't receive any Syslog traps (like, for example, Kiwi Server), but only performs a tail action on the Syslog log file (in the example: /tmp/in_syslog).
Did I understand the official documentation correctly?
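For comparison with the documentation sample quoted in the post, here is an added example (not part of the original post and not the documentation's own sample) of the same syslog input configured for the network transport the post mentions. The port number, the listen address and the parser name `syslog-rfc3164` are assumptions; the parser must be defined in the referenced parsers.conf.

```ini
[SERVICE]
    Flush        1
    Log_Level    info
    Parsers_File parsers.conf

# Mode selects the transport: unix_udp, unix_tcp, tcp or udp.
# With a unix_* mode, Path names the Unix socket the input creates.
# With tcp or udp, Listen and Port define the network listener instead.
[INPUT]
    Name    syslog
    Mode    tcp
    # Assumed values: bind to all pod interfaces on an unprivileged port.
    Listen  0.0.0.0
    Port    5140
    # Assumed parser name; it has to exist in parsers.conf.
    Parser  syslog-rfc3164

[OUTPUT]
    Name    stdout
    Match   *
```

A listener bound to 0.0.0.0 accepts unauthenticated syslog from anything that can reach the pod, so in a cluster the port is normally restricted with a NetworkPolicy or security group to the expected senders.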