This module allows crowdsec to expose a syslog server, and ingest logs directly from another syslog server (or any software that knows how to forward logs with syslog).
Only UDP is supported.
A basic configuration is as follows:
source: sysloglisten_addr: 127.0.0.1listen_port: 4242labels: type: syslog
Address on which the syslog will listen. Defaults to 127.0.0.1.
UDP port used by the syslog server. Defaults to 514.
Maximum length of a syslog message (including priority and facility). Defaults to 2048.
This module does not support command-line acquisition.