Hello,

I am trying to set up syslog-ng to elasticsearch, not using as the middleware. According to https://www.balabit.com/blog/elasticsearch-and-syslog-ng-fast-and-simple/ it is doable. However, I am not finding an example that works for my config.

I have
syslog-ng version 3.11
Elasticsearch 2.4.6
All running on one machine with Ubuntu 16.04.

My syslog-ng is standard with the @include for the conf.d directory, in which I had hoped to create a working elasticsearch.conf to define how to send the logs. Likewise, I have syslog-ng-mod-elasticsearch installed.

Any help or pointing me to some examples would be great.

Thanks

Blake Pomeroy
Security Engineer
Cloud Engineering/InfoSec
EBSCO
Desk 978-356-6500 x3693
www.ebsco.com