[syslog-ng] Elasticsearch destination
wernli at in2p3.fr
Thu Oct 23 17:03:34 CEST 2014
On Thu, Oct 23, 2014 at 10:50:55AM -0400, jrhendri at roadrunner.com wrote:
> Are you saying I would not need to use the format-json bit? If so - how would I select/name the desired fields that were parsed with patterndb?
By simply passing `scope` to the destination block 
I also use a special `exclude`  parameter that lets me furter drop
> As far as overall performance - I really think it is a combination of disk I/O and memory starvation.
I'm using collectd, riemann and riemann-dash to monitor syslog-ng and ES performance live
More information about the syslog-ng