I've been trying to figure out the best way to ingest logs from 2 different data streams and have them go to separate log files.

Heres the copy of my configuration. For my first input i have a bunch of firewall logs coming in to /syslog/firewalls.log. I now want to ingest syslog data from my isilon to a different log file. It only seems to work if I have host 0.0.0.0 setup. I'm getting the data but everything is being written to firewalls.log and not my isilon.log

Any help would be greatly appreciated.

<Extension _syslog>
Module xm_syslog
</Extension>

<Extension _json>
Module xm_json
</Extension>

<Input udp1>
Module im_udp
Host 0.0.0.0
Port 514
Exec parse_syslog();
</Input>

<Output fwlog>
Module om_file
File "/syslog/firewalls.log"
Exec to_json();
</Output>

<Input udp2>
Module im_udp
Host 0.0.0.0
Port 514
InputType Syslog_TLS
Exec parse_syslog();
</Input>


<Output isilog>
Module om_file
File "/syslog/isilon.log"
Exec to_json();
</Output>

########################################
# Routes #
########################################

<Route udp_to_file1>
Path udp1 => fwlog
</Route>

<Route udp_to_file2>
Path udp2 => isilog
</Route>