I have a java application running in a docker container on a docker host. The application uses log4j for logging and logging in syslog. I want to be able to send syslog logs to logstash.
I changed the configuration in the rsyslog configuration file:
*.* @@<logstash host ip>:514
and I have a logstash configuration file for syslog:
input {
syslog {
type => syslog
port => 514
}
}
and in logstash logs I got errors related to listening to syslog tcp listener and
exception=>#<Errno::EACCES: Permission denied - bind(2)
It seemed to me that I should indicate where the host is in the logstash configurations, and added the dockerhost + port's ip address to the configuration file, but I still get the same errors.
How can I tell logstash to see the docker container on dockerhost for logs? Am I missing a component here?
Thank.