[syslog-ng] systemd syslog-ng does not start CentOS 7.2.1511 [ SOLVED ]
Scot Needy
scotrn at gmail.com
Wed Apr 13 18:24:50 CEST 2016
Does not look like I’m getting data into es. How could I tell does data=false mean it’s not storring ?
tail -f /var/log/elasticsearch/syslog-ng.log while restarting syslog-ng.
[2016-04-13 12:21:26,762][INFO ][cluster.service ] [NODE-1] removed {{NODE-1}{K0_nu3-4TKKjPQfoMUlOhw}{127.0.0.1}{127.0.0.1:9301}{client=true, data=false},}, reason: zen-disco-node_left({NODE-1}{K0_nu3-4TKKjPQfoMUlOhw}{127.0.0.1}{127.0.0.1:9301}{client=true, data=false})
[2016-04-13 12:21:34,440][INFO ][cluster.service ] [NODE-1] added {{NODE-1}{mXgtXGW3Raai_L7GEdxLVQ}{127.0.0.1}{127.0.0.1:9301}{client=true, data=false},}, reason: zen-disco-join(join from node[{NODE-1}{mXgtXGW3Raai_L7GEdxLVQ}{127.0.0.1}{127.0.0.1:9301}{client=true, data=false}])
> On Apr 13, 2016, at 11:38 AM, Fabien Wernli <wernli at in2p3.fr> wrote:
>
> On Wed, Apr 13, 2016 at 11:32:47AM -0400, Scot Needy wrote:
>> NOTE: I do not believe some options like server,port,.. are needed in node mode.
>
> correct: in node mode, almost everything is in the yaml
>
>> What is the relationship to the ES service and syslog-ng in node mode?
>
> No direct relation in any mode: the ES data node runs in a different JVM on
> same or other node.
>
>> It looks like in node mode the es2 module write directly to the shard ?
>
> Yes, syslog-ng runs an ES instance itself that joins the cluster of the
> other ES instance(s). It writes documents directly to the correct nodes.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160413/846336fe/attachment.htm
More information about the syslog-ng
mailing list