Custom UDP Logs

Collect raw UDP data from a listening UDP port with Elastic Agent.

Version: 1.19.1
Compatible Kibana version(s): 8.2.1 or higher
Supported Serverless project types: Security, Observability
Subscription level: Basic
Level of support: Elastic

The custom UDP Log package initializes a listening UDP socket that collects any UDP traffic received and sends each line as a document to Elasticsearch. Custom ingest pipelines may be added by adding the name to the pipeline configuration option. Custom ingest pipelines can be created either through the API or the Ingest Node Pipeline UI.

Changelog

| Version | Details | Kibana version(s) |
|---|---|---|
| 1.19.1 | Enhancement: Introduce option to preserve original event | 8.2.1 or higher |
| 1.19.0 | Enhancement: Update package-spec to 3.0.3. | 8.2.1 or higher |
| 1.18.1 | Enhancement: Changed owners | 8.2.1 or higher |
| 1.18.0 | Bug fix: Added log.syslog.msgid and log.syslog.structured_data to ECS mapping. | 8.2.1 or higher |
| 1.17.0 | Enhancement: ECS version updated to 8.11.0. | 8.2.1 or higher |
| 1.16.0 | Enhancement: Update ES permissions to support reroute processors | 8.2.1 or higher |
| 1.15.0 | Enhancement: ECS version updated to 8.10.0. | 8.2.1 or higher |
| 1.14.0 | Enhancement: The format_version in the package manifest changed from 2.11.0 to 3.0.0. Removed dotted YAML keys from package manifest. Added 'owner.type: elastic' to package manifest. | 8.2.1 or higher |
| 1.13.0 | Enhancement: Add tags.yml file so that integration's dashboards and saved searches are tagged with "Security Solution" and displayed in the Security Solution UI. | 8.2.1 or higher |
| 1.12.0 | Enhancement: Update package to ECS 8.9.0. | 8.2.1 or higher |
| 1.11.0 | Enhancement: Document duration units. | 8.2.1 or higher |
| 1.10.0 | Enhancement: Update package to ECS 8.8.0. | 8.2.1 or higher |
| 1.9.0 | Enhancement: Update package-spec version to 2.7.0. | 8.2.1 or higher |
| 1.8.0 | Enhancement: Update package to ECS 8.7.0. | 8.2.1 or higher |
| 1.7.1 | Enhancement: Added categories and/or subcategories. | 8.2.1 or higher |
| 1.7.0 | Enhancement: Allow YAML custom configuration. | 8.2.1 or higher |
| 1.6.0 | Enhancement: Update package to ECS 8.6.0. | 8.2.1 or higher |
| 1.5.0 | Enhancement: Update package to ECS 8.5.0. | 8.2.1 or higher |
| 1.4.1 | Bug fix: Fix indentation of syslog processor in agent handlebars file. | 8.2.1 or higher |
| 1.4.0 | Enhancement: Update package to ECS 8.4.0 | 8.2.1 or higher |
| 1.3.1 | Enhancement: Improve syslog parsing description | 8.2.1 or higher |
| 1.3.0 | Enhancement: Add syslog parsing option, expose SSL config | 8.2.1 or higher |
| 1.2.0 | Enhancement: Update package to ECS 8.3.0. | 7.16.0 or higher; 8.0.0 or higher |
| 1.1.1 | Bug fix: Fixing typo in readme | 7.16.0 or higher; 8.0.0 or higher |
| 1.1.0 | Enhancement: Update ECS to 8.2 | 7.16.0 or higher; 8.0.0 or higher |
| 1.0.1 | Bug fix: Fixing typo in manifest for listen address | 7.16.0 or higher; 8.0.0 or higher |
| 1.0.0 | Enhancement: Initial Release | 7.16.0 or higher; 8.0.0 or higher |