<div dir="ltr">Hello,<div><br></div><div>You probably have a '\r' carriage return in your configuration, that is not supported. Remove it and it should work :)</div><div><br></div><div>--</div><div>Kokan</div></div><br><div class="gmail_quote"><div dir="ltr">On Fri, May 25, 2018 at 8:59 PM Komi Elitcha <<a href="mailto:kmw.elitcha@gmail.com">kmw.elitcha@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <p>Oups...</p>
    <p>Additionally, i'm getting an error saying that syslog-ng-core in
      not configured yet.</p>
    <p>I hope i didn't miss anything.</p>
    <p>Thanks.<br>
    </p></div><div text="#000000" bgcolor="#FFFFFF">
    <br>
    <div class="m_8133385003370683758moz-cite-prefix">Le 25/05/2018 à 18:39, Komi Elitcha a
      écrit :<br>
    </div>
    <blockquote type="cite">
      
      <p>Thank you Gabor,</p>
      <p>Your below comments were very helpful and i suspect i've solved
        the java issue (maybe i should open a new thread).</p>
      <p>After setting correctly the java env in bashrc, this the output
        i get from #syslog-ng -Fve command:</p>
      <p><br>
      </p>
      <p>Error parsing config, syntax error, unexpected $end, expecting
        ';' in /etc/syslog-ng/syslog-ng.conf:<br>
        173     log { source(s_src); filter(f_messages);
        destination(d_messages); };<br>
        174     <br>
        175     log { source(s_src); filter(f_console);
        destination(d_console_all);<br>
        176                         destination(d_xconsole); };<br>
        177     log { source(s_src); filter(f_crit);
        destination(d_console); };<br>
        178---> <br>
        178---> ^<br>
        179     # All messages send to a remote site<br>
        180     #<br>
        181     #log { source(s_src); destination(d_net); };<br>
        182     log { source(s_net); destination(d_es);
        flags(flow-control); };<br>
        183     <br>
      </p>
      <p><br>
      </p>
      <p>I cannot see any syntax error (regarding the ';') in my
        syslong-ng.conf file. Is there any know bug related to this.
        Also, i wonder why "log {---}' syntaxes are returning errors.</p>
      <p><br>
      </p>
      <p>Regards,<br>
      </p>
      <p><br>
      </p>
      <p><br>
      </p>
      <br>
      <div class="m_8133385003370683758moz-cite-prefix">Le 25/05/2018 à 10:20, Nagy, Gábor a
        écrit :<br>
      </div>
      <blockquote type="cite">
        <div dir="ltr">Sorry I forgot to link our blog post about common
          java problems.
          <div>It could help and explain some common errors during
            installation.<br>
            <div><br>
            </div>
            <div><a href="https://syslog-ng.com/blog/troubleshooting-java-support-syslog-ng/" target="_blank">https://syslog-ng.com/blog/troubleshooting-java-support-syslog-ng/</a><br>
            </div>
          </div>
          <div><br>
          </div>
          <div>Regards,</div>
          <div>Gabor</div>
        </div>
        <div class="gmail_extra"><br>
          <div class="gmail_quote">On Fri, May 25, 2018 at 11:35 AM,
            Nagy, Gábor <span dir="ltr"><<a href="mailto:gabor.nagy@balabit.com" target="_blank">gabor.nagy@balabit.com</a>></span>
            wrote:<br>
            <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
              <div dir="ltr">Hi Komi!<br>
                <br>
                You need the java package for syslog-ng too:
                "syslog-ng-mod-java".
                <div>What is the source of the syslog-ng package you
                  installed?</div>
                <div><br>
                </div>
                <div>You will need additional steps after you have
                  installed the syslog-ng java package.</div>
                <div>In our admin we have detailed instructions to setup
                  elasticsearch2 destination:<br>
                  <a href="https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html" target="_blank">https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html</a><br>
                </div>
                <div><br>
                </div>
                <div>Feel free to ask if you got stuck!</div>
                <div><br>
                </div>
                <div>Regards,</div>
                <div>Gabor</div>
              </div>
              <div class="m_8133385003370683758HOEnZb">
                <div class="m_8133385003370683758h5">
                  <div class="gmail_extra"><br>
                    <div class="gmail_quote">On Fri, May 25, 2018 at
                      10:49 AM, Komi Elitcha <span dir="ltr"><<a href="mailto:kmw.elitcha@gmail.com" target="_blank">kmw.elitcha@gmail.com</a>></span>
                      wrote:<br>
                      <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Good day all,<br>
                        <br>
                        I'm new to this mailing list.<br>
                        <br>
                        I'm setting up syslong-ng+elasticsearch+kibana
                        on an Ubuntu 18.04; i'm getting the following
                        output/error from command: ]#syslog-ng -Fve<br>
                        <br>
                        <br>
                        Error parsing destination, destination plugin
                        java not found in block destination
                        elasticsearch2 (at
                        /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:58:1):<br>
                        1<br>
                        2----->   java(<br>
                        2----->   ^^^^<br>
                        3 class_path("/usr/lib/syslog-ng/3.15/java-modules/*.jar:/usr/lib/syslog-ng/3.15/java-modules/elastic-jest-client/*.jar:/opt/syslog-ng/jre1.8.0_171/lib//*.jar")<br>
                        4 class_name("org.syslog_ng.elasticsearch_v2.ElasticSearchDestination")<br>
                        5           option("index", "*log*")<br>
                        6           option("type", "syslog")<br>
                        7           option("server", "localhost")<br>
                        <br>
                        Included from /etc/syslog-ng/syslog-ng.conf:<br>
                        90      # Debian only<br>
                        91      destination d_ppp {
                        file("/var/log/ppp.log"); };<br>
                        92<br>
                        93      # Elasticsearch destination<br>
                        94      destination d_es {<br>
                        95---->     elasticsearch2(<br>
                        95---->     ^^^^^^^^^^^^^^^^<br>
                        96                cluster("syslog-ng")<br>
                        97                client-lib-dir("/usr/share/elasticsearch/lib/")<br>
                        98 client-lib-dir("/opt/syslog-ng/jre1.8.0_171/lib/")<br>
                        99                time-zone("UTC")<br>
                        100               cluster-url("<a href="http://localhost:9200" rel="noreferrer" target="_blank">http://localhost:9200</a>")<br>
                        <br>
                        <br>
                        Any help is welcome.<br>
                        <br>
                        Thanks.<br>
                        <br>
                        ______________________________________________________________________________<br>
                        Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
                        Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
                        FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
                        <br>
                      </blockquote>
                    </div>
                    <br>
                  </div>
                </div>
              </div>
            </blockquote>
          </div>
          <br>
        </div>
        <br>
        <fieldset class="m_8133385003370683758mimeAttachmentHeader"></fieldset>
        <br>
        <pre>______________________________________________________________________________
Member info: <a class="m_8133385003370683758moz-txt-link-freetext" href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a>
Documentation: <a class="m_8133385003370683758moz-txt-link-freetext" href="http://www.balabit.com/support/documentation/?product=syslog-ng" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a>
FAQ: <a class="m_8133385003370683758moz-txt-link-freetext" href="http://www.balabit.com/wiki/syslog-ng-faq" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a>

</pre>
      </blockquote>
      <br>
    </blockquote>
    <br>
    </div><div text="#000000" bgcolor="#FFFFFF"><pre class="m_8133385003370683758moz-signature" cols="72">-- 
--
KE</pre>
  </div>

______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote></div>