That certainly sounds obvious, however,
I can't get it to work. The documented options for the "7.2.4.
Elasticsearch destination options" does NOT include a time-zone
option.
My java destination is devined as:
destination d_elasticsearch_1 {
java(
class-path("/usr/local/lib64/syslog-ng/java-modules/*.jar:/usr/share/elasticsearch/lib/*.jar")
class-name("org.syslog_ng.elasticsearch.ElasticSearchDestination")
option("index",
"flare-${YEAR}.${MONTH}.${DAY}.${HOUR}")
option("type", "test")
option("client-mode", "node")
option("resource",
"/etc/elasticsearch/elasticsearch.yml")
option("log-fifo-size","75000")
option("time-zone","UTC")
option("cluster", "uvic-cluster-01")
option("message-template", "$MESSAGE")
option("flush-limit", "50")
);
};
But my index uses the hour from the local timezone, not the UTC
time zone.
Is the order of the options important?
Does the elasticsearch destination fail apply the time zone to the
index?
This is beginning to look like a bug.
Evan.
On 09/28/2015 10:04 PM, Fabien Wernli wrote:
Hi Evan,
Just use the `time-zone` option in the `java` block.
Cheers
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
--
Evan Rempel erempel@uvic.ca
Senior Systems Administrator 250.721.7691
Data Centre Services, University Systems, University of Victoria