Hi Evan, On Fri, Mar 04, 2016 at 02:24:17PM -0800, Evan Rempel wrote:
What I was stating was that you could not have an ES instance started by /sbin/service elasticsearch start AND one started by syslog-ng as a syslog-ng destination because that is effectively running two ES instances on one host (perhaps this can be done with different ports/IPs?)
Well, you *can*. By default the ES binary node protocol runs on a port *range* starting at 9300. If you run the "regular" ES instance first it will bind to 9300. If you run syslog-ng afterwards its embedded ES instance will bind to port 9301: tcp6 0 0 127.0.0.1:9300 :::* LISTEN 30542/java tcp6 0 0 ::1:9300 :::* LISTEN 30542/java tcp6 0 0 127.0.0.1:9301 :::* LISTEN 1980/syslog-ng tcp6 0 0 ::1:9301 :::* LISTEN 1980/syslog-ng Cheers