[syslog-ng] Web Visualize logs (Ivan Adji - Krstev)
Ivan Adji - Krstev
akivanradix at gmail.com
Fri May 27 12:08:21 CEST 2016
Hi Bazsi,
I get syslog from:
"https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37/repo/epel-7/czanik-syslog-ng37-epel-7.repo"
add the repo and then "yum install syslog-ng"
After that I downloaded Elasticsearch and installed it, and that is it.
I'm using CentOS 7.
Ivan
On 05/27/2016 11:57 AM, Balazs Scheidler wrote:
>
> Your build of syslog-ng seems to lack java support. It should be
> present in 3.7.x releases, but it also depends on who compiled them.
> Where did you get your binaries from?
>
> BTW, someone builds syslog-ng docker images that have java support. You
> might try that to get through the initial hassles. Then later you may
> decide whether to use the docker in production or rather get a recent
> and properly built binary.
>
> Bazsi
>
> On May 27, 2016 10:16 AM, "Ivan Adji - Krstev" <akivanradix at gmail.com> wrote:
>
> Thanks for the doc. I read them and I have the following error:
>
> Error parsing destination, destination plugin java not found in
> /etc/syslog-ng/syslog-ng.conf at line 57, column 3:
> java(
>
> I have configured as follows:
> @version:3.7
> @include "scl.conf"
> @module mod-java
>
> source s_sys {
>     system();
>     internal();
>     network(
>         ip(0.0.0.0) port(6514)
>         flags(syslog-protocol)
>         transport("tls")
>         tls(
>             key_file("/etc/syslog-ng/cert.d/serverkey.pem")
>             cert_file("/etc/syslog-ng/cert.d/servercert.pem")
>             ca_dir("/etc/syslog-ng/ca.d")
>         )
>     );
> };
>
> parser pattern_db {
>     db-parser(
>         file("/etc/syslog-ng/patterndb.d/patterndb.xml")
>     );
> };
>
> destination d_es {
>     java(
>         class-path("/usr/lib64/syslog-ng/java-modules/*.jar:/usr/share/elasticsearch/lib/*.jar")
>         class-name("org.syslog_ng.elasticsearch.ElasticSearchDestination")
>         option("index", "syslog-ng_${YEAR}.${MONTH}.${DAY}")
>         option("type", "test")
>         option("cluster", "czpcluster")
>         option("flush_limit", "100")
>         option("message_template", "$(format-json --scope rfc3164 --scope nv-pairs --exclude R_DATE --key ISODATE)\n")
>     );
> };
>
> I have installed just Syslog-NG and Elasticsearch? Do I need to
> install something else?
>
>
>
> On 05/26/2016 04:53 PM, Szabó, István wrote:
>> Hi,
>>
>> For using syslog-ng together with elasticsearch and Kibana this
>> is a pretty good description, also giving you a good
>> understanding of what it enables you to do:
>>
>> https://czanik.blogs.balabit.com/2015/10/how-to-parse-data-with-syslog-ng-store-in-elasticsearch-and-analyze-with-kibana/
>>
>> https://czanik.blogs.balabit.com/2015/12/elasticsearch-and-syslog-ng-fast-and-simple/
>>
>> /Istvan
>>
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>
>