EFK, ELK Stack Port issues
I am hoping someone can point me in the right direction. I have set up a number of VMs inside ESXi, from Ubuntu Server to CentOS, running both EFK and ELK.
Currently I am running EFK on 14.4 server, and sending logs from the localhost works without issue.
My problem is when attempting to ship logs from a Windows host (using nxlog) to my EFK VM.
I know the nxlog config is fine, because when using netcat on the VM (nxlog configured for TCP):
sudo nc -l 5140
I can see the Windows events coming in from the Windows host to the VM via my SSH connection running the nc command.
With the below config, my understanding is that this should now be listening on UDP 5140 (I have tried so many configs),
however, when doing
sudo netstat -tapen | grep ":5140"
nothing is listening on 5140.
<source>
  type syslog
  port 5140
  tag windowslog
</source>
<match windowslog.**>
  type stdout
</match>
So in short, can you please help me to get Fluentd to listen on a port over TCP so I can ship logs?
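
Added example, not part of the original post: a Fluentd configuration with one syslog listener per transport on port 5140, since in_syslog listens on UDP by default and netstat's -t flag lists TCP sockets only. It assumes the v0.12-style syntax used in the post ("type" and "protocol_type") and that nxlog sends syslog-formatted lines; the bind values are constructed.

```conf
# UDP listener: the in_syslog default when no transport is given.
<source>
  type syslog
  port 5140
  # 0.0.0.0 is the default and accepts on every interface; set the VM's
  # log-collection address here to keep the port off other networks.
  bind 0.0.0.0
  tag windowslog
</source>

# TCP listener on the same port number, for a sender configured for TCP.
# UDP and TCP sockets are separate, so both sources can coexist.
<source>
  type syslog
  port 5140
  bind 0.0.0.0
  protocol_type tcp
  tag windowslog
</source>

# in_syslog emits tags as <tag>.<facility>.<priority>, which this pattern matches.
<match windowslog.**>
  type stdout
</match>

# Verify both sockets after restarting Fluentd (-t lists TCP, -u lists UDP):
#   sudo netstat -tulpen | grep ":5140"
```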