[syslog-ng] systemd syslog-ng does not start CentOS 7.2.1511

Scot Needy scotrn at gmail.com
Wed Apr 13 14:03:51 CEST 2016 

Systemd was enabled at OS deployment so I believe systemd libs were already installed unless a systemd-devel package needed to be added ? 


# /opt/syslog-ng/sbin/syslog-ng -V
syslog-ng 3.8.0alpha0
Installer-Version: 3.8.0alpha0
Revision:
Module-Directory: /opt/syslog-ng/lib/syslog-ng
Module-Path: /opt/syslog-ng/lib/syslog-ng
Available-Modules: syslogformat,afsocket,affile,afprog,afuser,afamqp,afmongodb,afsmtp,csvparser,confgen,system-source,linux-kmsg-format,basicfuncs,cryptofuncs,dbparser,json-plugin,geoip-plugin,afstomp,pseudofile,graphite,sdjournal,mod-java,kvformat,date,cef,disk-buffer
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: off
Enable-Linux-Caps: off


ALSO, getting this error I can’t track down related to elasticsearchv2.  

[root at loghost etc]# /opt/syslog-ng/sbin/syslog-ng -f /opt/syslog-ng/etc/syslog-ng.conf -p /var/run/syslogd.pid  -F -d --trace -v |tail 
[2016-04-13T08:00:35.417016] Add path to classpath: /usr/share/elasticsearch/lib/lucene-suggest-5.5.0.jar;
[2016-04-13T08:00:35.417158] Add path to classpath: /usr/share/elasticsearch/lib/netty-3.10.5.Final.jar;
[2016-04-13T08:00:35.417288] Add path to classpath: /usr/share/elasticsearch/lib/securesm-1.0.jar;
[2016-04-13T08:00:35.417407] Add path to classpath: /usr/share/elasticsearch/lib/snakeyaml-1.15.jar;
[2016-04-13T08:00:35.417527] Add path to classpath: /usr/share/elasticsearch/lib/spatial4j-0.5.jar;
[2016-04-13T08:00:35.417630] Add path to classpath: /usr/share/elasticsearch/lib/t-digest-3.0.jar;
[2016-04-13T08:00:35.499351] Add path to classpath: /opt/syslog-ng/lib/syslog-ng/java-modules/syslog-ng-core.jar;
[2016-04-13T08:00:35.556808] Error initializing message pipeline;


### External Network sources
source s_net {
	udp(ip(0.0.0.0) port(514) so_rcvbuf(262142));
	tcp(ip(0.0.0.0) port(514) max-connections(250) so_rcvbuf(262142) log_iw_size(25000) );
};

destination d_es {
   elasticsearch(
       index("syslog-ng_${YEAR}.${MONTH}.${DAY}")
       type("syslog-ng") # Description: The type of the index. For example, type("test")
       class-path("/opt/syslog-ng/lib/syslog-ng/java-modules/*.jar:/usr/share/elasticsearch/lib/*.jar:/usr/share/elasticsearch/modules/*/*.jar")
       client_mode("node")
	# Transport mode.
	# The syslog-ng OSE application uses the transport client API of Elasticsearch
	# and uses the server(), port(), and cluster() options from the syslog-ng OSE configuration file.
	# Node mode.
	# The syslog-ng OSE application acts as an Elasticsearch node (client no-data)
	# using the node client API of Elasticsearch. You must set further options for the node in an Elasticsearch configuration file specified in the resource() option.
       server("127.0.0.1")
       port("9300")
       cluster("syslog-ng")
       #resource("/etc/elasticsearch/elasticsearch.yml")
       #template("$(format-json -s all-nv-pairs -p @timestamp=$ISODATE -p @message=$MSG)")
       template("$(format-json --scope rfc5424 --exclude DATE --key ISODATE @timestamp=${ISODATE})")
   );
};

# sending logs to ES destination
log {
  source(s_net);
  parser(pattern_db);
  destination(d_es);
  flags(flow-control);
};



 


> On Apr 13, 2016, at 5:46 AM, Gergely Nagy <algernon at madhouse-project.org> wrote:
> 
> On Tue, Apr 12, 2016 at 9:00 PM, Scot Needy <scotrn at gmail.com> wrote:
>> Compiled syslog-ng  syslog-ng 3.8.0alpha0 no problems.
> 
> When compiling, did you have the systemd libs installed? If not, then
> the Type=notify will not work, as the systemd libs are required for
> that support to be compiled in. Without those, syslog-ng will happily
> start on the CLI or via sysvinit scripts, but since it does not notify
> systemd, Type=notify won't work.
> 
> Can you post the summary of the configure run? It should print a list
> of enabled features.
> 
> -- 
> |8]
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160413/0caef9c1/attachment.htm

More information about the syslog-ng mailing list