Log Forwarder Instrument
Overview
Log Forwarder Instrument integrates Logstash open source log/event pipeline engine into the SensorFleet platform. You can use it to forward log and event data from an external source or SensorFleet event pipeline into an external destination. You can also use standard Logstash functions to mutate data and receive/transmit in many formats and protocols.
Use cases
Log Forwarder is a multipurpose log and event forwarding tool. Here are some useful examples.
Log Collection and export to external system
You can make Log Forwarder act e.g. as a syslog target on the edge, collect log data on your network devices, store them locally in case of connectivity issues and forward them reliably into an external log destination such as Azure Sentinel, ElasticSearch, another syslog or another Logstash.
Event Export from SensorFleet to external system
You can use Log Forwarder to get SensorFleet events and forward them to external systems, such as ElasticSearch, Azure Sentinel or another Logstash using the HTTP output.
This works by using the Event Subscription feature built into the Log Forwarder. You can use custom event search terms to get only wanted events and push them into the Logstash HTTP input module for forwarding.
Additional input and output methods
For a full list of available input methods, see Logstash input plugins.
For a full list of available output methods, see Logstash output plugins.
Properties
| Developer | SensorFleet Oy |
| Categories | Integrations, Logging, Log/Event Push, Log/Event Pull, Log/Event Import, Log/Event Export |
| Network access type | Active |
| Required interfaces |
|
| Dependencies | None |
| Data retention | Holds a temporary event buffer, not affected by the data retention logic. |
| Management UI | No |