Add syslog output plugin to logstash

[ndohdima697923412]

Please I need to forward logstash output to a QRadar SIEM and when I modify the output using syslog-output format It didn’t works, so to understand why it was not working I read logstash log and i saw that syslog plugin is not install by default in logstash of tpot. So i try to install it by modifying the docker file of logstash so I can create a new image which would already have syslog output install and there is a line in docker file of logstash that I saw and I only decommented to integrate the syslog output : # /usr/share/logstash/bin/logstash-plugin install logstash-output-gelf logstash-output-syslog && \

now I create a new image and rebuild the docker composer file to create all need of containers is okay I tries to see if the plugin is install in the container with the command:
docker exec -ti logstash bash
/use/share/logstash/bin/logstash-plugin list | grep syslog-output
And all is okay for the output syslog,
but when I restart systemctl tpot it fails. Why?? And how can i resolve this? Or is there another method to achieve my purpose??