Is your feature request related to a problem? Please describe
As documentation states, logs received by syslog are automaticaly splited to different streams according to 3 steam field
hostname, app_name and proc_id - stream fields for unique identification over every log stream.
As far as i understand this set of fields can't be changed in case of syslog.
Lets consider we are going to configure two ways to receive logs by victoria logs:
- Vector elasticsearch sink.
- Syslog sources send log to specific victorialog syslog port (for example 514).
So we want to have only two streams in victoria logs for quick search what we want. For example we need search only by specific victorialog syslog source. But we cant because each syslog source are splitted to different streams by hostname, app_name and proc_id.
Describe the solution you'd like
We need option for syslog inputs to specify a stream field name and value that will be considered as stream field during log ingestion. For example all logs ingested by victorialogs to 514 syslog port should have stream field such as stream_name=syslog_nginx.
In other words we need option for tagging of syslog inputs.
Describe alternatives you've considered
No response
Additional information
No response
Is your feature request related to a problem? Please describe
As documentation states, logs received by syslog are automaticaly splited to different streams according to 3 steam field
As far as i understand this set of fields can't be changed in case of syslog.
Lets consider we are going to configure two ways to receive logs by victoria logs:
So we want to have only two streams in victoria logs for quick search what we want. For example we need search only by specific victorialog syslog source. But we cant because each syslog source are splitted to different streams by hostname, app_name and proc_id.
Describe the solution you'd like
We need option for syslog inputs to specify a stream field name and value that will be considered as stream field during log ingestion. For example all logs ingested by victorialogs to 514 syslog port should have stream field such as stream_name=syslog_nginx.
In other words we need option for tagging of syslog inputs.
Describe alternatives you've considered
No response
Additional information
No response