error on syslog-ng elasticsearch2 destination
Hi, I'm getting the following error when trying to configure the elasticseach2 backend: Error parsing destination statement, destination plugin java not found in block destination elasticsearch2() at /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:25:4:3-4:7: 1 2 #Start Block block destination elasticsearch2() at /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:25 3 4-----> java( 4-----> ^^^^ 5 class_path("//usr/lib64/syslog-ng/java-modules/*.jar://usr/lib64/syslog-ng/java-modules/elastic-jest-client/*.jar:/*.jar") 6 class_name("org.syslog_ng.elasticsearch_v2.ElasticSearchDestination") 7 option("index", "logserver1") 8 option("type", "syslog") 9 option("server", "localhost") This is the block that causes the error: destination d_es { elasticsearch2 ( cluster("logserver1") client-mode("http") index("logserver1") type("syslog") template("$(format-json --scope rfc5424 --scope nv-pairs --exclude DATE --key ISODATE)") ); }; root@elk-server1 conf.d]# rpm -qa|grep syslog-ng syslog-ng-3.21.1-3.el7.x86_64 syslog-ng-java-3.21.1-3.el7.x86_64 syslog-ng-http-3.21.1-3.el7.x86_64 Any ideia? Thanks in advance.
ok, found the answer: https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edit... On 6/25/19 3:57 PM, joao reis wrote:
Hi,
I'm getting the following error when trying to configure the elasticseach2 backend:
Error parsing destination statement, destination plugin java not found in block destination elasticsearch2() at /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:25:4:3-4:7: 1 2 #Start Block block destination elasticsearch2() at /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:25 3 4-----> java( 4-----> ^^^^ 5 class_path("//usr/lib64/syslog-ng/java-modules/*.jar://usr/lib64/syslog-ng/java-modules/elastic-jest-client/*.jar:/*.jar") 6 class_name("org.syslog_ng.elasticsearch_v2.ElasticSearchDestination") 7 option("index", "logserver1") 8 option("type", "syslog") 9 option("server", "localhost")
This is the block that causes the error:
destination d_es { elasticsearch2 ( cluster("logserver1") client-mode("http") index("logserver1") type("syslog") template("$(format-json --scope rfc5424 --scope nv-pairs --exclude DATE --key ISODATE)") ); };
root@elk-server1 conf.d]# rpm -qa|grep syslog-ng syslog-ng-3.21.1-3.el7.x86_64 syslog-ng-java-3.21.1-3.el7.x86_64 syslog-ng-http-3.21.1-3.el7.x86_64
Any ideia?
Thanks in advance.
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
participants (1)
-
joao reis