Syslog as a source

Question

Hello,
We are trying to convert from syslog-ng central syslog collection server to Opensearch, and want to build a syslog ingestion pipeline to send data directly to it from network devices and things that only have native syslog support.   There is a perfect solution here, however, the instructions do not seem to add up:
https://docs.aws.amazon.com/solutions/latest/centralized-logging-with-opensearch/syslog-as-log-source.html

For example, I do not see any these options in the Opensearch console.  Prerequisites are met:
Prerequisites
Make sure you have imported an Amazon OpenSearch Service domain. For more information, see Domain operations.

Create a log analytics pipeline
    Sign in to the Centralized Logging with OpenSearch Console.
    In the left sidebar, under Log Analytics Pipelines, choose Application Log.
    Choose Create a pipeline.
    Choose Syslog Endpoint as Log Source, and choose Next.
    Select UDP or TCP with custom port number. Choose Next.

Is anyone able to reproduce these steps?

Answer

I apologized as I was missing context of the large picture.  The 'syslog as a source instructions' assume one has created a "Centralized Logging" stack in advance.
https://docs.aws.amazon.com/solutions/latest/centralized-logging-with-opensearch/getting-started.html.

Syslog as a source

相关内容