Systemd was enabled at OS deployment so I believe systemd libs were already installed unless a systemd-devel package needed to be added ? # /opt/syslog-ng/sbin/syslog-ng -V syslog-ng 3.8.0alpha0 Installer-Version: 3.8.0alpha0 Revision: Module-Directory: /opt/syslog-ng/lib/syslog-ng Module-Path: /opt/syslog-ng/lib/syslog-ng Available-Modules: syslogformat,afsocket,affile,afprog,afuser,afamqp,afmongodb,afsmtp,csvparser,confgen,system-source,linux-kmsg-format,basicfuncs,cryptofuncs,dbparser,json-plugin,geoip-plugin,afstomp,pseudofile,graphite,sdjournal,mod-java,kvformat,date,cef,disk-buffer Enable-Debug: off Enable-GProf: off Enable-Memtrace: off Enable-IPv6: on Enable-Spoof-Source: on Enable-TCP-Wrapper: off Enable-Linux-Caps: off ALSO, getting this error I can’t track down related to elasticsearchv2. [root@loghost etc]# /opt/syslog-ng/sbin/syslog-ng -f /opt/syslog-ng/etc/syslog-ng.conf -p /var/run/syslogd.pid -F -d --trace -v |tail [2016-04-13T08:00:35.417016] Add path to classpath: /usr/share/elasticsearch/lib/lucene-suggest-5.5.0.jar; [2016-04-13T08:00:35.417158] Add path to classpath: /usr/share/elasticsearch/lib/netty-3.10.5.Final.jar; [2016-04-13T08:00:35.417288] Add path to classpath: /usr/share/elasticsearch/lib/securesm-1.0.jar; [2016-04-13T08:00:35.417407] Add path to classpath: /usr/share/elasticsearch/lib/snakeyaml-1.15.jar; [2016-04-13T08:00:35.417527] Add path to classpath: /usr/share/elasticsearch/lib/spatial4j-0.5.jar; [2016-04-13T08:00:35.417630] Add path to classpath: /usr/share/elasticsearch/lib/t-digest-3.0.jar; [2016-04-13T08:00:35.499351] Add path to classpath: /opt/syslog-ng/lib/syslog-ng/java-modules/syslog-ng-core.jar; [2016-04-13T08:00:35.556808] Error initializing message pipeline; ### External Network sources source s_net { udp(ip(0.0.0.0) port(514) so_rcvbuf(262142)); tcp(ip(0.0.0.0) port(514) max-connections(250) so_rcvbuf(262142) log_iw_size(25000) ); }; destination d_es { elasticsearch( index("syslog-ng_${YEAR}.${MONTH}.${DAY}") type("syslog-ng") # Description: The type of the index. For example, type("test") class-path("/opt/syslog-ng/lib/syslog-ng/java-modules/*.jar:/usr/share/elasticsearch/lib/*.jar:/usr/share/elasticsearch/modules/*/*.jar") client_mode("node") # Transport mode. # The syslog-ng OSE application uses the transport client API of Elasticsearch # and uses the server(), port(), and cluster() options from the syslog-ng OSE configuration file. # Node mode. # The syslog-ng OSE application acts as an Elasticsearch node (client no-data) # using the node client API of Elasticsearch. You must set further options for the node in an Elasticsearch configuration file specified in the resource() option. server("127.0.0.1") port("9300") cluster("syslog-ng") #resource("/etc/elasticsearch/elasticsearch.yml") #template("$(format-json -s all-nv-pairs -p @timestamp=$ISODATE -p @message=$MSG)") template("$(format-json --scope rfc5424 --exclude DATE --key ISODATE @timestamp=${ISODATE})") ); }; # sending logs to ES destination log { source(s_net); parser(pattern_db); destination(d_es); flags(flow-control); };
On Apr 13, 2016, at 5:46 AM, Gergely Nagy <algernon@madhouse-project.org> wrote:
On Tue, Apr 12, 2016 at 9:00 PM, Scot Needy <scotrn@gmail.com> wrote:
Compiled syslog-ng syslog-ng 3.8.0alpha0 no problems.
When compiling, did you have the systemd libs installed? If not, then the Type=notify will not work, as the systemd libs are required for that support to be compiled in. Without those, syslog-ng will happily start on the CLI or via sysvinit scripts, but since it does not notify systemd, Type=notify won't work.
Can you post the summary of the configure run? It should print a list of enabled features.
-- |8] ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq