Version: 5.6

Logz.io

Overview

info

The Logz.io output is currently a technology preview. The design and implementation are less mature than stable features and subject to change.

The Logz.io output can be used to send records to the Logz.io service.

EF_FLOW_OUTPUT_LOGZIO_ENABLE

Specifies whether the Logz.io output is enabled.

Valid Values
- true, false
Default
- false

EF_FLOW_OUTPUT_LOGZIO_ADDRESSES

This setting specifies the Logz.io endpoint to which the output should connect. It is a comma-separated list of Logz.io endpoints, including port number.

danger

Do NOT include http:// or https:// in the provided value. TLS communications is enabled/disabled using EF_FLOW_OUTPUT_LOGZIO_TLS_ENABLE.

Default
- listener.logz.io:8070

EF_FLOW_OUTPUT_LOGZIO_TOKEN

The Logz.io data shipping token that the collector will use to send data.

Default
- ''

EF_FLOW_OUTPUT_LOGZIO_TIMESTAMP_SOURCE

Determines the timestamp source to be used to set the @timestamp field. Usually end would be the best setting. However, in the case of poorly behaving or misconfigured devices, collect may be the better option.

Valid Values
- start - Use the timestamp from flow.start.timestamp. The flow start time indicated in the flow.
- end - Use the timestamp from flow.end.timestamp. The flow end time (or last reported time).
- export - Use the timestamp from flow.export.timestamp. The time from the flow record header.
- collect - Use the timestamp from flow.collect.timestamp. The time that the collector processed the flow record.
Default
- end

EF_FLOW_OUTPUT_LOGZIO_BATCH_DEADLINE

The maximum time, in milliseconds, to wait for a batch of records to fill before being sent to Logz.io.

Default
- 2000

EF_FLOW_OUTPUT_LOGZIO_BATCH_MAX_BYTES

The maximum size, in bytes, for a batch of records being sent to Logz.io.

Default
- 8388608

EF_FLOW_OUTPUT_LOGZIO_ECS_ENABLE

Specifies whether the data will be sent using Elastic Common Schema (ECS).

Valid Values
- true, false
Default
- false

EF_FLOW_OUTPUT_LOGZIO_TIMEOUT

Specifies the period, in milliseconds, after which a request to the Logz.io endpoint will be timed out.

Default
- 30000

EF_FLOW_OUTPUT_LOGZIO_TLS_ENABLE

This setting is used to enable/disable TLS connections to Logz.io.

Valid Values
- true, false
Default
- false

EF_FLOW_OUTPUT_LOGZIO_DROP_FIELDS

This setting allows for a comma-separated list of fields that are to be removed from all records.

note

Fields are dropped after any output specific fields have been added and after any schema conversion. This means that you should use the field names as you see them in the user interface.

Valid Values
- any field names related to the enabled schema, comma-separated
Example
- flow.export.sysuptime,flow.export.version.ver,flow.start.sysuptime,flow.end.sysuptime,flow.seq_num
Default
- ''

Overview​

EF_FLOW_OUTPUT_LOGZIO_ENABLE​

EF_FLOW_OUTPUT_LOGZIO_ADDRESSES​

EF_FLOW_OUTPUT_LOGZIO_TOKEN​

EF_FLOW_OUTPUT_LOGZIO_TIMESTAMP_SOURCE​

EF_FLOW_OUTPUT_LOGZIO_BATCH_DEADLINE​

EF_FLOW_OUTPUT_LOGZIO_BATCH_MAX_BYTES​

EF_FLOW_OUTPUT_LOGZIO_ECS_ENABLE​

EF_FLOW_OUTPUT_LOGZIO_TIMEOUT​

EF_FLOW_OUTPUT_LOGZIO_TLS_ENABLE​

EF_FLOW_OUTPUT_LOGZIO_DROP_FIELDS​