[syslog-ng] syslog-ng 3.11 to elasticsearch 2.4.6

Blake Pomeroy bpomeroy at ebsco.com
Fri Sep 29 20:04:14 UTC 2017


Hello,

I am trying to set up syslog-ng to elasticsearch, not using as the middleware. According to https://www.balabit.com/blog/elasticsearch-and-syslog-ng-fast-and-simple/

it is doable.  However, I am not finding an example that works for my config.

I have syslog-ng version 3.11
Elasticsearch 2.4.6

All running on one machine with Ubuntu 16.04.

My syslog-ng is standard with the @include for the conf.d directory.  In which I had hoped to create a working elsasticsearch.conf to define the how to send the logs.
Likewise I have syslog-ng-mod-elasticsearch installed.

Any help or pointing me to some examples would be great.

Thanks


Blake Pomeroy
Security Engineer
Cloud Engineering/InfoSec
EBSCO
Desk 978-356-6500 x3693
www.ebsco.com<http://www.ebsco.com>
[cid:image001.png at 01D3393C.98252AF0]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20170929/4fce9a50/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 3513 bytes
Desc: image001.png
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20170929/4fce9a50/attachment.png>


More information about the syslog-ng mailing list