I want to consume syslog data from a directory and send it to Elasticsearch. As Elasticsearch expects data to be in JSON format, we need to convert our syslog data to JSON.

Which processor can I use to do this conversion? I tried Data Parser but it's not helping. Below is my data:

Mar 17 03:28:56 st-infsdwan-s0000001-utl01a-lfa-eu root: INFO: VSD backup file hosekeeping completed

It has four fields: Data, Hostname, Error, Info.

Please provide your guidance.

What's the error message you're getting?

iamontheinet ( 2020-03-17 11:02:24 -0500 )
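
For reference, the conversion the question asks about, shown outside any particular pipeline tool: an added example (not part of the thread) that parses a file-style syslog line like the sample above into a JSON document. The field names (`@timestamp`, `hostname`, `tag`, `level`, `message`) and the `year` parameter are assumptions; the sample timestamp carries neither a year nor a time zone, so both have to come from elsewhere.

```python
import json
import re
from datetime import datetime

# Constructed from the sample line in the question.
SAMPLE = ("Mar 17 03:28:56 st-infsdwan-s0000001-utl01a-lfa-eu root: "
          "INFO: VSD backup file hosekeeping completed")

# BSD-style syslog line as written to a file (no <PRI> prefix):
#   "Mmm dd hh:mm:ss host tag[pid]: message"
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2}\s\d{2}:\d{2}:\d{2})\s"
    r"(?P<hostname>\S+)\s"
    r"(?P<tag>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?:\s"
    r"(?P<message>.*)$"
)
# Optional "LEVEL: " prefix inside the message, as in the sample.
LEVEL_RE = re.compile(r"^(?P<level>[A-Z]+):\s+(?P<rest>.*)$")


def parse_line(line, year):
    """Return a dict ready for json.dumps, or None if the line does not parse."""
    m = LINE_RE.match(line.rstrip("\n"))
    if m is None:
        return None
    # No year in the line, so the caller supplies it; the result is a naive time.
    try:
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    except ValueError:  # e.g. "Feb 29" combined with a non-leap year
        return None
    doc = {
        "@timestamp": ts.isoformat(),
        "hostname": m["hostname"],
        "tag": m["tag"],
        "message": m["message"],
    }
    if m["pid"]:
        doc["pid"] = int(m["pid"])
    lvl = LEVEL_RE.match(m["message"])
    if lvl:
        doc["level"] = lvl["level"]
        doc["message"] = lvl["rest"]
    return doc


def to_json(line, year):
    doc = parse_line(line, year)
    return None if doc is None else json.dumps(doc, sort_keys=True)
```

Lines that do not match return `None` rather than a partial document, so they can be routed to an error stream instead of being indexed with missing fields.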