Greetings all:
I recently installed syslog-ng on my Debian 9 system. I have tested syslog-ng with a file destination and everything seemed fine. Now, I am attempting?? to set the destination to my local Elasticsearch instance. However, I am receiving the following error:
Error parsing destination, destination plugin elasticsearch-http not found in /etc/syslog-ng/syslog-ng.conf at line 44, column 1:
elasticsearch-http(
^^^^^^^^^^^^^^^^^^
My configuration, based on the documentation:
elasticsearch-http(
?? index("syslog")
?? type("test")
?? url("http:/localhost:9200/_bulk"));
};
Output of syslog-ng --version:
syslog-ng 3.8.1 Installer-Version: 3.8.1 Revision: 3.8.1-10 Module-Directory: /usr/lib/syslog-ng/3.8 Module-Path: /usr/lib/syslog-ng/3.8 Available-Modules: disk-buffer,redis,date,afstomp,afprog,afsocket,pseudofile,confgen,csvparser,afsql,kvformat,geoip-plugin,afuser,afsmtp,system-source,mod-python,afamqp,riemann,linux-kmsg-format,dbparser,basicfuncs,syslogformat,graphite,afmongodb,json-plugin,cryptofuncs,affile,sdjournal,cef,add-contextual-data Enable-Debug: off Enable-GProf: off Enable-Memtrace: off Enable-IPv6: on Enable-Spoof-Source: on Enable-TCP-Wrapper: on Enable-Linux-Caps: off
I saw no indication in the documentation that any special modules/plugins needed to be loaded to use Elasticsearch as the destination. Any pointers as to what the issue is would be appreciated.??