[syslog-ng] Syslog-ng newbie.

[Evan Rempel]

In that case you should read through the blog post to define the 
destination of where to send the logs.

https://www.syslog-ng.com/community/b/blog/posts/bulk-mode-message-sending-to-elasticsearch-with-syslog-ng-http-destination

Your source definition is fine, however your "log" definition will need 
to include the "destination" that you
define with the help of the above blog post.

Evan.

On 12/30/18 12:54 AM, Jason Long wrote:
> Thank you, but I want to send " /var/log/nginx" and need properly 
> configuration.
>
> On Saturday, December 29, 2018, 6:42:58 PM GMT+3:30, Evan Rempel wrote:
>
>
> If at all possible you should have the application (nginx in this 
> case) to log directly to syslog if it can.
> nginx can do this with the caveat that you will no longer have files 
> of logs. You should have syslog write
> the logs to a file.
>
> See document at
> http://nginx.org/en/docs/syslog.html
>
> The the nginx logs will show up in /var/log/XXXX depending on which 
> log files your syslog daemon is configured to write.
> (syslog, messages etc.)
>
> Evan.
>
> On 12/29/18 4:32 AM, Jason Long wrote:
> Hello.
> I want to send Nginx log via syslog-ng to a server that Elasticsearch 
> and Kibana installed on it. I'm a beginner and searched in Google but 
> can't find a good tutorial. I want to know on Nginx server with 
> syslog-ng installed is below config enough?
>
> options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
>           owner("root"); group("adm"); perm(0640); stats_freq(0);
>           bad_hostname("^gconfd$");
> };
> source s_myfile {
>     file("/var/log/nginx/access.log" follow_freq(1) flags(no-parse));
> };
> log { source(s_myfile); };
>
> I'm thankful if anyone share advice.
>
> Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20181230/457d6a21/attachment.html>