Hi, I decided to use Decanter as a syslog server for my router with the collector-socket and append the data to ES with the appender-elasticsearch-rest.
Syslog send data with the UDP protocol and actually, it doesn't work with the collector-socket version. I make some modifications on the collector-socket to test it using a DatagramServer instead of a ServerSocket for UDP. The modifications are : - Add a new properties in the collector cfg file to define the protocol : # Protocol tcp(default) or udp #protocol=tcp - Instanciate a DatagramServer in the case of udp protocol is define in the cfg (org.apache.karaf.decanter.collector.socket.SocketCollector) It work's well and I can share it by a PR.
