<div dir="ltr">Hi Komi!<br><br>You need the java package for syslog-ng too: "syslog-ng-mod-java".<div>What is the source of the syslog-ng package you installed?</div><div><br></div><div>You will need additional steps after you have installed the syslog-ng java package.</div><div>In our admin we have detailed instructions to setup elasticsearch2 destination:<br><a href="https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html">https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html</a><br></div><div><br></div><div>Feel free to ask if you got stuck!</div><div><br></div><div>Regards,</div><div>Gabor</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May 25, 2018 at 10:49 AM, Komi Elitcha <span dir="ltr"><<a href="mailto:kmw.elitcha@gmail.com" target="_blank">kmw.elitcha@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Good day all,<br>
<br>
I'm new to this mailing list.<br>
<br>
I'm setting up syslong-ng+elasticsearch+kiban<wbr>a on an Ubuntu 18.04; i'm getting the following output/error from command: ]#syslog-ng -Fve<br>
<br>
<br>
Error parsing destination, destination plugin java not found in block destination elasticsearch2 (at /usr/share/syslog-ng/include/s<wbr>cl/elasticsearch/plugin.conf:5<wbr>8:1):<br>
1<br>
2----->   java(<br>
2----->   ^^^^<br>
3 class_path("/usr/lib/syslog-ng<wbr>/3.15/java-modules/*.jar:/usr/<wbr>lib/syslog-ng/3.15/java-module<wbr>s/elastic-jest-client/*.jar:/<wbr>opt/syslog-ng/jre1.8.0_171/<wbr>lib//*.jar")<br>
4 class_name("org.syslog_ng.elas<wbr>ticsearch_v2.ElasticSearchDest<wbr>ination")<br>
5           option("index", "*log*")<br>
6           option("type", "syslog")<br>
7           option("server", "localhost")<br>
<br>
Included from /etc/syslog-ng/syslog-ng.conf:<br>
90      # Debian only<br>
91      destination d_ppp { file("/var/log/ppp.log"); };<br>
92<br>
93      # Elasticsearch destination<br>
94      destination d_es {<br>
95---->     elasticsearch2(<br>
95---->     ^^^^^^^^^^^^^^^^<br>
96                cluster("syslog-ng")<br>
97                client-lib-dir("/usr/share/ela<wbr>sticsearch/lib/")<br>
98 client-lib-dir("/opt/syslog-ng<wbr>/jre1.8.0_171/lib/")<br>
99                time-zone("UTC")<br>
100               cluster-url("<a href="http://localhost:9200" rel="noreferrer" target="_blank">http://localhost:<wbr>9200</a>")<br>
<br>
<br>
Any help is welcome.<br>
<br>
Thanks.<br>
<br>
______________________________<wbr>______________________________<wbr>__________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=<wbr>syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br>
<br>
</blockquote></div><br></div>