Graylog solutions has the business requirements to forward interested log events to a remote locations like external monitoring platforms.
Graylog logs has an meta field called source which carries pod name . That is a temporary identifier name and it changes every time the pod is recreated.
We were able to transfer the logs to a remote destination over syslog TCP channel with syslog format as PLAIN format . The destination end receives the payload with syslog header containing the source names ( pods names ) which are dynamic . Once the source changes . the integration is breaking . Please help to how to choose the fields that i can send instead of actual source pod names while forwarding to the remote destination over syslog .
By the way i haven’t performed the syslog plugin installation .
Hi Hari, since you’ve also submitted this via the ticketing system, I’ll close this topic.