Hello Syslog-NG community,
I am trying to configure syslog-ng to send messages to Elasticsearch for me to process them in Kibana. I get an error for the @module mod-java and the elasticsearch2 destination.
I am running OpenSuse 42.3.
syslog-ng --version:
syslog-ng 3.8.1
Installer-Version: 3.8.1
Revision:
Module-Directory: /usr/lib64/syslog-ng
Module-Path: /usr/lib64/syslog-ng
Available-Modules: add-contextual-data,afamqp,affile,afmongodb,afprog,afsocket,afstomp,afuser,basicfuncs,cef,confgen,cryptofuncs,csvparser,date,dbparser,disk-buffer,graphite,json-plugin,kvformat,linux-kmsg-format,pseudofile,sdjournal,syslogformat,system-source
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: off
I have downloaded and extracted Elasticsearch 6.3.0 and placed it in /usr/local/bin/elasticsearch-6.3.0/. In accordance with this:
"Extract the Elasticsearch libraries into a temporary directory, then collect the various .jar files into
a single directory (for example, /opt/elasticsearch/lib/ ) where syslog-ng OSE can access
them. You must specify this directory in the syslog-ng OSE configuration file. The files are located
in the lib directory and its subdirectories of the Elasticsearch release package." (quoted from Syslog-NG OSE 3.15 Admin Guide, 7.3.1. Procedure – Prerequisites, Step 3, page 175)
I copied all JAR libraries inside elasticsearch-6.3.0/lib/ to the default path for syslog-ng plug-ins which is /usr/lib64/syslog-ng as stated below. Is this not what the step tells me to do?
I get the following error:
I seem to be missing two necessary plug-ins:
mod-java
elasticsearch2
Where can I get these?
Feel free to request any additional info I might have missed out on.
Sincerely
Niklas Deffner
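
A check on the version output posted above, as an added example that is not part of the original post: it parses the Available-Modules line and reports which of the requested modules are absent. The function name `missing_modules` is hypothetical, and the example assumes that a loadable Java module would be listed under the name `mod-java` used in the post.

```shell
#!/bin/sh
# Sample input: selected lines of the `syslog-ng --version` output from the post.
SAMPLE_VERSION_OUTPUT='syslog-ng 3.8.1
Module-Path: /usr/lib64/syslog-ng
Available-Modules: add-contextual-data,afamqp,affile,afmongodb,afprog,afsocket,afstomp,afuser,basicfuncs,cef,confgen,cryptofuncs,csvparser,date,dbparser,disk-buffer,graphite,json-plugin,kvformat,linux-kmsg-format,pseudofile,sdjournal,syslogformat,system-source
Enable-IPv6: on'

# missing_modules VERSION_OUTPUT MODULE...
# Prints every requested module that is not in the Available-Modules list,
# one per line, and returns 1 if at least one is missing (0 otherwise).
missing_modules() {
    output=$1
    shift
    # Keep only the comma-separated value of the Available-Modules line.
    available=$(printf '%s\n' "$output" |
        sed -n 's/^Available-Modules:[[:space:]]*//p')
    rc=0
    for mod in "$@"; do
        # Wrap both sides in commas so "date" never matches "dat" or "update".
        case ",$available," in
            *",$mod,"*) ;;
            *) printf '%s\n' "$mod"; rc=1 ;;
        esac
    done
    return "$rc"
}

# On a live host, replace the sample with: "$(syslog-ng --version)"
# Assumption: the Java module is listed as "mod-java" when it is installed.
if missing=$(missing_modules "$SAMPLE_VERSION_OUTPUT" mod-java json-plugin); then
    echo "all requested modules are available"
else
    echo "not in Available-Modules: $missing"
fi
```

For the posted output this reports `mod-java` as absent from the module list while `json-plugin` is present.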