Support Questions
Find answers, ask questions, and share your expertise
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

How do you get syslog properties using Nifi?

How do you get syslog properties using Nifi?

New Contributor

I need to filter rsyslog entries based on the values of their properties then process them using Nifi. The properties that I am interested in are fromhost-ip, hostname, syslogfacility, timestamp, inputname and app-name. Is it actually possible to get the properties that aren't stored in the body of the Flow File when using a ListenSyslog processor? I am using CentOS 7 if that is important.


Re: How do you get syslog properties using Nifi?

The only information NiFi has access to is what is in each message.

The hostname, facility, and timestamp should part of each message.

I'm not familiar with what inputname and appname are or where they come from.

The sender IP/host should be captured in a flow file attribute already called syslog.sender.

If you are doing a single message per flow file (which is not great for performance) then you can have ListenSyslog parse the messages and it will create flow file attributes:

Look at the "Writes Attributes" section here: