Thanks, that works like a charm. We are now feeding a steady 5,000 messages per second into elasticsearch with spikes into the 30,000 messages per second. All the right indexes and all of the soft macros parsed by the syslog-ng patterndb. Exciting times for us (only a sysadmin right :-) Evan. On 09/29/2015 09:04 AM, Fabien Wernli wrote:
Hi,
In fact `time_zone()` is a meta-option which spans multiple block types (implicitly). We use the following:
destination d_es { java( time_zone("UTC") ... ); };
I'll submit a github PR to improve the documentation ASAP
Cheers
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq