Thanks for the doc. I read them and I have the following error:

Error parsing destination, destination plugin java not found in /etc/syslog-ng/syslog-ng.conf at line 57, column 3:

  java(

I have configured it as follows:

@version:3.7
@include "scl.conf"
@module mod-java

source s_sys {
    system();
    internal();
    network(
        ip(0.0.0.0)
        port(6514)
        flags(syslog-protocol)
        transport("tls")
        tls(
            key_file("/etc/syslog-ng/cert.d/serverkey.pem")
            cert_file("/etc/syslog-ng/cert.d/servercert.pem")
            ca_dir("/etc/syslog-ng/ca.d")
        )
    );
};

parser pattern_db {
    db-parser(
        file("/etc/syslog-ng/patterndb.d/patterndb.xml")
    );
};

destination d_es {
    java(
        class-path("/usr/lib64/syslog-ng/java-modules/*.jar:/usr/share/elasticsearch/lib/*.jar")
        class-name("org.syslog_ng.elasticsearch.ElasticSearchDestination")
        option("index", "syslog-ng_${YEAR}.${MONTH}.${DAY}")
        option("type", "test")
        option("cluster", "czpcluster")
        option("flush_limit", "100")
        option(
            "message_template",
            "$(format-json --scope rfc3164 --scope nv-pairs --exclude R_DATE --key ISODATE)\n")
    );
};

I have installed just Syslog-NG and Elasticsearch? Do I need to install something else?

On 05/26/2016 04:53 PM, Szabó, István wrote:
Hi,
For using syslog-ng together with elasticsearch and Kibana this is a pretty good description, also giving you a good understanding of what it enables you to do:
https://czanik.blogs.balabit.com/2015/10/how-to-parse-data-with-syslog-ng-st...
https://czanik.blogs.balabit.com/2015/12/elasticsearch-and-syslog-ng-fast-an...
/Istvan
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq