:plugin: tcp
:type: input
///////////////////////////////////////////
START - GENERATED VARIABLES, DO NOT EDIT!
///////////////////////////////////////////
:version: %VERSION%
:release_date: %RELEASE_DATE%
:changelog_url: %CHANGELOG_URL%
:include_path: ../../../../logstash/docs/include
///////////////////////////////////////////
END - GENERATED VARIABLES, DO NOT EDIT!
///////////////////////////////////////////
[id="plugins-{type}s-{plugin}"]
=== Tcp input plugin
include::{include_path}/plugin_header.asciidoc[]
==== Description
Read events over a TCP socket.
Like stdin and file inputs, each event is assumed to be one line of text.
Can either accept connections from clients or connect to a server,
depending on `mode`.
===== Accepting log4j2 logs
Log4j2 can send JSON over a socket, and we can use that combined with our tcp
input to accept the logs.
First, we need to configure your application to send logs in JSON over a
socket. The following log4j2.xml accomplishes this task.
Note, you will want to change the `host` and `port` settings in this
configuration to match your needs.
To accept this in Logstash, you will want tcp input and a date filter:
input {
tcp {
port => 12345
codec => json
}
}
and add a date filter to take log4j2's `timeMillis` field and use it as the
event timestamp
filter {
date {
match => [ "timeMillis", "UNIX_MS" ]
}
}
[id="plugins-{type}s-{plugin}-options"]
==== Tcp Input Configuration Options
This plugin supports the following configuration options plus the <> described later.
[cols="<,<,<",options="header",]
|=======================================================================
|Setting |Input type|Required
| <> |<>|No
| <> |<>, one of `["server", "client"]`|No
| <> |<>|Yes
| <> |<>|No
| <> |a valid filesystem path|No
| <> |<>|No
| <> |<>|No
| <> |a valid filesystem path|No
| <> |<>|No
| <> |<>|No
|=======================================================================
Also see <> for a list of options supported by all
input plugins.
[id="plugins-{type}s-{plugin}-host"]
===== `host`
* Value type is <>
* Default value is `"0.0.0.0"`
When mode is `server`, the address to listen on.
When mode is `client`, the address to connect to.
[id="plugins-{type}s-{plugin}-mode"]
===== `mode`
* Value can be any of: `server`, `client`
* Default value is `"server"`
Mode to operate in. `server` listens for client connections,
`client` connects to a server.
[id="plugins-{type}s-{plugin}-port"]
===== `port`
* This is a required setting.
* Value type is <>
* There is no default value for this setting.
When mode is `server`, the port to listen on.
When mode is `client`, the port to connect to.
[id="plugins-{type}s-{plugin}-proxy_protocol"]
===== `proxy_protocol`
* Value type is <>
* Default value is `false`
Proxy protocol support, only v1 is supported at this time
http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt
[id="plugins-{type}s-{plugin}-ssl_cert"]
===== `ssl_cert`
* Value type is <>
* There is no default value for this setting.
SSL certificate path
[id="plugins-{type}s-{plugin}-ssl_enable"]
===== `ssl_enable`
* Value type is <>
* Default value is `false`
Enable SSL (must be set for other `ssl_` options to take effect).
[id="plugins-{type}s-{plugin}-ssl_extra_chain_certs"]
===== `ssl_extra_chain_certs`
* Value type is <>
* Default value is `[]`
An Array of extra X509 certificates to be added to the certificate chain.
Useful when the CA chain is not necessary in the system store.
[id="plugins-{type}s-{plugin}-ssl_key"]
===== `ssl_key`
* Value type is <>
* There is no default value for this setting.
SSL key path
[id="plugins-{type}s-{plugin}-ssl_key_passphrase"]
===== `ssl_key_passphrase`
* Value type is <>
* Default value is `nil`
SSL key passphrase
[id="plugins-{type}s-{plugin}-ssl_verify"]
===== `ssl_verify`
* Value type is <>
* Default value is `true`
Verify the identity of the other end of the SSL connection against the CA.
For input, sets the field `sslsubject` to that of the client certificate.
[id="plugins-{type}s-{plugin}-common-options"]
include::{include_path}/{type}.asciidoc[]