Nagios Support Forum

Posted: **Wed Feb 16, 2022 12:00 pm**

Hello!

I found the article about forwarding all logs to another destination via outputs and the following:

udp {
host => '192.168.1.190'
port => '514'
}

My question is, instead of forwarding everything, how can i forward specific logs? in example i have 10 log sources that i would like to specifically forward instead of everything? Can i do it by IP? would i have to filter instead? I would prefer to do it by source IP in the output config. HELP!

Posted: **Thu Feb 17, 2022 4:36 pm**

You can do based on the value of one of the fields:

Code: Select all

if [type] == 'palo_alto' {
  udp {
    host => 'X.X.X.X'
    port => '44444'
  }
}

if [type] == 'cisco' {
  udp {
    host => 'Y.Y.Y.Y'
    port => '44445'
  }
}

OR even by IP:

Code: Select all

if [host] in ['A.A.A.A', 'B.B.B.B'] {
  udp {
    host => 'X.X.X.X'
    port => '44444'
  }
}

if [host] in ['C.C.C.C', 'D.D.D.D'] {
  udp {
    host => 'Y.Y.Y.Y'
    port => '44445'
  }
}

Posted: **Fri Feb 18, 2022 2:37 pm**

I will try these out! thank you!

Posted: **Mon Feb 21, 2022 5:05 pm**

No problem, glad to help! Let us know if you have any related questions or when we're okay to lock this up and mark it as resolved.

Thank you!

Nagios Support Forum

Forward Specific logs to another log destination

Forward Specific logs to another log destination

Re: Forward Specific logs to another log destination

Re: Forward Specific logs to another log destination

Re: Forward Specific logs to another log destination