Logstash patterns and conf for parsing and storing maillogs.
Logstash also needs an input and an output defined in a config file saved under conf.d. Below is an example input/output config.
input {
  # Syslog listener for mail server logs
  syslog {
    type => "mailserver-log"
    port => "9473"
  }
  # Lumberjack listener (logstash-forwarder), using the certificate and key below
  lumberjack {
    port => "9474"
    type => "mailserver-log"
    ssl_certificate => "/etc/logstash/ssl/logstash-forwarder.crt"
    ssl_key => "/etc/logstash/ssl/logstash-forwarder.key"
  }
}
output {
  # Find out more at https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html
  elasticsearch_http {
    host => "your.elasticsearch.server"
  }
}