I am new to the Hadoop Ecosystem. I have a question about Syslog and the Flume agent for Syslog.
I am working to ingest network data from an agent. The agent is sending data in Syslog format, or is creating data in syslog format. Here are the required parameters for a syslog Flume source:
a1.sources = r1
a1.channels = c1
a1.sources.r1.type = syslogudp
a1.sources.r1.port = 5140
a1.sources.r1.host = localhost
a1.sources.r1.channels = c1
I asked the developer for the IP address of the syslog source. I assume that the Flume agent sends an agent program to the syslog server, defined by a1.source.r1.host. Is this correct? Or is the a1.sources.c1.host IP address, the address of the machine that is running the Flume instance?