Hi,
I have a docker swarm configured to use fluentd as the default log driver for containers, and I would like to have the container logs sent from fluentd to logstash.
I have tried a few things so far, but I have not found a configuration that works:
My first attempt was to configure fluentd to use the remote_syslog output plugin to send to logstash configured to listen for syslog input. With this setup I could see that fluentd was sending the logs to the logstash, and from the logstash log I could see that logstash was receiving them, but I never saw any logs appearing in kibana. I did not see any errors in the logstash log.
Then I tried what I thought might be a simpler setup, with logstash configured for udp and tcp input on port 51415 and fluentd using the forward output plugin to send to that port. With this setup I haven't managed to get fluentd to send the logs at all. Initially I saw "no nodes are available" in the fluentd log, so I tried again with heartbeat_type none and flush_interval 0s; then I saw nothing in the fluentd log at all.
Is there a configuration for fluentd and logstash that should work?
Chris