Well that one i fix it ... export the new path of the libjvm.so file and it works. But now i have another error :) *Error stating pattern database file, no automatic reload will be performed; error='No such file or directory'* . . *Add path to classpath: /usr/share/elasticsearch/lib/spatial4j-0.5.jar;** **[2016-05-27T06:38:30.933808] Add path to classpath: /usr/share/elasticsearch/lib/t-digest-3.0.jar;** **[2016-05-27T06:38:31.287344] Add path to classpath: //usr/lib64/syslog-ng/java-modules/syslog-ng-core.jar;** **[2016-05-27T06:38:31.333759] Error initializing message pipeline;** * And i have no idea what is this problem as im using ES for the first time. This is what i have: source s_sys { system(); internal(); network(ip(0.0.0.0) port(6514) flags(syslog-protocol) transport("tls") tls(key_file("/etc/syslog-ng/cert.d/serverkey.pem") cert_file("/etc/syslog-ng/cert.d/servercert.pem") ca_dir("/etc/syslog-ng/ca.d") ) ); }; parser pattern_db { db-parser( file("/etc/syslog-ng/patterndb.d/patterndb.xml") ); }; destination d_es { java( class-path("/usr/lib64/syslog-ng/java-modules/*.jar:/usr/share/elasticsearch/lib/*.jar") class-name("org.syslog_ng.elasticsearch.ElasticSearchDestination") option("index", "syslog-ng_${YEAR}.${MONTH}.${DAY}") option("type", "test") option("cluster", "czpcluster") option("flush_limit", "100") option( "message_template", "$(format-json --scope rfc3164 --scope nv-pairs --exclude R_DATE --key ISODATE)\n") ); }; Kind regards Ivan On 05/27/2016 12:22 PM, Czanik, Péter wrote:
Hi,
To enable Java support you need at least the "syslog-ng" and "syslog-ng-java" packages from that repository. Optionally you can also install the "syslog-ng-java-hack" package, which includes all the necessary JAR files, or you can also point your config to the JAR files of your Elasticsearch installation. Note, that syslog-ng 3.7 only supports Elasticsearch 1.X.
You will also need to point syslog-ng to libjvm.so. There are multiple ways: https://czanik.blogs.balabit.com/2016/03/troubleshooting-java-support-in-sys... My personal preference is the ld.so.conf trick, but note that it has side effects if you have multiple Java versions on your system.
Bye,
Peter Czanik (CzP) <peter.czanik@balabit.com <mailto:peter.czanik@balabit.com>> Balabit / syslog-ng upstream http://czanik.blogs.balabit.com/ https://twitter.com/PCzanik
On Fri, May 27, 2016 at 12:14 PM, Ivan Adji - Krstev <akivanradix@gmail.com <mailto:akivanradix@gmail.com>> wrote:
So should i contact him directly or should i wait here to reply on this list ?
Ivan
On 05/27/2016 12:13 PM, Scheidler, Balázs wrote:
Hopefully Peter Czanik can help you then, as he prepared those packages.
On May 27, 2016 11:10 AM, "Ivan Adji - Krstev" <akivanradix@gmail.com <mailto:akivanradix@gmail.com>> wrote:
Yes i install that too.. still nothing.
Ivan
On 05/27/2016 12:09 PM, Fabien Wernli wrote:
On Fri, May 27, 2016 at 12:08:21PM +0200, Ivan Adji - Krstev wrote:
Hi Bazsi, I get syslog from: "https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37/repo/epel-7/czani..." <https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37/repo/epel-7/czanik-syslog-ng37-epel-7.repo> add the repo and then "yum install syslog-ng" after that i have download the Elasticsearch and install it and that is it. Im using CentOS 7.
you also want the package syslog-ng-java
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq