<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">In that case you should read through
the blog post to define the destination of where to send the logs.<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><a class="moz-txt-link-freetext" href="https://www.syslog-ng.com/community/b/blog/posts/bulk-mode-message-sending-to-elasticsearch-with-syslog-ng-http-destination">https://www.syslog-ng.com/community/b/blog/posts/bulk-mode-message-sending-to-elasticsearch-with-syslog-ng-http-destination</a></div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Your source definition is fine, however
your "log" definition will need to include the "destination" that
you</div>
<div class="moz-cite-prefix">define with the help of the above blog
post.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Evan.<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 12/30/18 12:54 AM, Jason Long wrote:<br>
</div>
<blockquote type="cite"
cite="mid:1305538805.10751902.1546160076878@mail.yahoo.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div class="ydpe2436d7yahoo-style-wrap"
style="font-family:Helvetica Neue, Helvetica, Arial,
sans-serif;font-size:16px;">
<div>Thank you, but I want to send "<span><span
style="font-family: Helvetica Neue, Helvetica, Arial,
sans-serif;"> /var/log/nginx" and need properly
configuration.</span></span></div>
<div><br>
</div>
</div>
<div id="yahoo_quoted_6349275200" class="yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif;font-size:13px;color:#26282a;">
<div> On Saturday, December 29, 2018, 6:42:58 PM GMT+3:30,
Evan Rempel wrote: </div>
<div><br>
</div>
<div><br>
</div>
<div>
<div id="yiv0876359717">
<div>
<div class="yiv0876359717moz-cite-prefix">If at all
possible you should have the application (nginx in
this case) to log directly to syslog if it can.</div>
<div class="yiv0876359717moz-cite-prefix">nginx can do
this with the caveat that you will no longer have
files of logs. You should have syslog write</div>
<div class="yiv0876359717moz-cite-prefix">the logs to a
file.</div>
<div class="yiv0876359717moz-cite-prefix"><br
clear="none">
</div>
<div class="yiv0876359717moz-cite-prefix">See document
at</div>
<div class="yiv0876359717moz-cite-prefix"><a
rel="nofollow" shape="rect"
class="yiv0876359717moz-txt-link-freetext"
target="_blank"
href="http://nginx.org/en/docs/syslog.html"
moz-do-not-send="true">http://nginx.org/en/docs/syslog.html</a></div>
<div class="yiv0876359717moz-cite-prefix"><br
clear="none">
</div>
<div class="yiv0876359717moz-cite-prefix">The the nginx
logs will show up in /var/log/XXXX depending on which
log files your syslog daemon is configured to write.</div>
<div class="yiv0876359717moz-cite-prefix">(syslog,
messages etc.)</div>
<div class="yiv0876359717moz-cite-prefix"><br
clear="none">
</div>
<div class="yiv0876359717moz-cite-prefix">Evan.<br
clear="none">
</div>
<div class="yiv0876359717moz-cite-prefix"><br
clear="none">
</div>
<div class="yiv0876359717yqt7780866323"
id="yiv0876359717yqtfd22715">
<div class="yiv0876359717moz-cite-prefix">On 12/29/18
4:32 AM, Jason Long wrote:<br clear="none">
</div>
<blockquote type="cite"> </blockquote>
</div>
</div>
<div>
<div class="yiv0876359717yqt7780866323"
id="yiv0876359717yqtfd54149">
<div>Hello.</div>
<div>I want to send Nginx log via syslog-ng to a
server that Elasticsearch and Kibana installed on
it. I'm a beginner and searched in Google but can't
find a good tutorial. I want to know on Nginx server
with syslog-ng installed is below config enough?</div>
<div><br clear="none">
</div>
<div><span> </span>
<div>options { chain_hostnames(off); flush_lines(0);
use_dns(no); use_fqdn(no);</div>
<div> owner("root"); group("adm");
perm(0640); stats_freq(0);</div>
<div> bad_hostname("^gconfd$");</div>
<div>};</div>
<div>source s_myfile {<br clear="none">
</div>
<div> file("/var/log/nginx/access.log"
follow_freq(1) flags(no-parse));</div>
<div>};</div>
<div>log { source(s_myfile); };<br clear="none">
</div>
<br clear="none">
</div>
<div>I'm thankful if anyone share advice.</div>
<div><br clear="none">
</div>
<div>Thank you.</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>