Hi Bazsi,

I got syslog from "https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37/repo/epel-7/czani...": I added the repo and then ran "yum install syslog-ng". After that I downloaded Elasticsearch and installed it, and that is it. I'm using CentOS 7.

Ivan

On 05/27/2016 11:57 AM, Balazs Scheidler wrote:
Your build of syslog-ng seems to lack java support. It should be present in 3.7.x releases, but it also depends on who compiled them. Where did you get your binaries from?
BTW, someone builds syslog-ng docker images that have java support. You might try that to get through the initial hassles. Then later you may decide whether to use the docker in production or rather get a recent and properly built binary.
Bazsi
On May 27, 2016 10:16 AM, "Ivan Adji - Krstev" <akivanradix@gmail.com> wrote:

Thanks for the doc. I read them and I have the following error:

Error parsing destination, destination plugin java not found in /etc/syslog-ng/syslog-ng.conf at line 57, column 3:

java(

I have configured as follows:

@version:3.7
@include "scl.conf"
@module mod-java

source s_sys {
    system();
    internal();
    network(
        ip(0.0.0.0)
        port(6514)
        flags(syslog-protocol)
        transport("tls")
        tls(
            key_file("/etc/syslog-ng/cert.d/serverkey.pem")
            cert_file("/etc/syslog-ng/cert.d/servercert.pem")
            ca_dir("/etc/syslog-ng/ca.d")
        )
    );
};

parser pattern_db {
    db-parser(
        file("/etc/syslog-ng/patterndb.d/patterndb.xml")
    );
};

destination d_es {
    java(
        class-path("/usr/lib64/syslog-ng/java-modules/*.jar:/usr/share/elasticsearch/lib/*.jar")
        class-name("org.syslog_ng.elasticsearch.ElasticSearchDestination")
        option("index", "syslog-ng_${YEAR}.${MONTH}.${DAY}")
        option("type", "test")
        option("cluster", "czpcluster")
        option("flush_limit", "100")
        option("message_template", "$(format-json --scope rfc3164 --scope nv-pairs --exclude R_DATE --key ISODATE)\n")
    );
};

I have installed just Syslog-NG and Elasticsearch. Do I need to install something else?
On 05/26/2016 04:53 PM, Szabó, István wrote:
Hi,
For using syslog-ng together with elasticsearch and Kibana this is a pretty good description, also giving you a good understanding of what it enables you to do:
https://czanik.blogs.balabit.com/2015/10/how-to-parse-data-with-syslog-ng-st...
https://czanik.blogs.balabit.com/2015/12/elasticsearch-and-syslog-ng-fast-an...
/Istvan
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
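One way to confirm the diagnosis in this thread (a build without java support), as an added example that is not part of the original messages: it parses the Available-Modules line of `syslog-ng --version` and looks for an exact `mod-java` entry. The sample outputs are constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: does this syslog-ng build list a given module?
# On a real host:  check_build mod-java

# Constructed samples of `syslog-ng --version` output (not from the thread).
SAMPLE_NO_JAVA='syslog-ng 3.7.3
Available-Modules: afsocket,affile,json-plugin,dbparser,system-source'

SAMPLE_WITH_JAVA='syslog-ng 3.7.3
Available-Modules: afsocket,affile,json-plugin,mod-java,dbparser'

# list_modules: read version output on stdin, print one module name per line.
list_modules() {
    sed -n 's/^Available-Modules:[[:space:]]*//p' | tr ',' '\n' | sed '/^$/d'
}

# has_module NAME: read version output on stdin.
# Succeeds only on an exact match, so "java" does not match "mod-java".
has_module() {
    list_modules | grep -Fxq -- "$1"
}

# check_build NAME: run the installed binary and report on NAME.
# Returns 0 if present, 1 if missing, 2 if syslog-ng is not in PATH.
check_build() {
    if ! command -v syslog-ng >/dev/null 2>&1; then
        echo "syslog-ng not found in PATH" >&2
        return 2
    fi
    if syslog-ng --version | has_module "$1"; then
        echo "module $1 is available in this build"
    else
        echo "module $1 is missing; java() destinations will fail to parse" >&2
        return 1
    fi
}
```

Running `check_build mod-java` before deploying a configuration that contains a `java()` destination catches the missing plugin before syslog-ng refuses to start and log collection stops.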