[syslog-ng] Trouble configuring elasticsearch2 destination

T4iga niklastai97 at gmail.com
Tue Jul 3 09:34:49 UTC 2018


Hello Syslog-NG community,

I am trying to configure syslog-ng to send messages to Elasticsearch for me
to process them in Kibana. I get an error for the @module mod-java and the
elasticsearch2 destination.

I am running OpenSuse 42.3.

syslog-ng --version:
syslog-ng 3.8.1
Installer-Version: 3.8.1
Revision:
Module-Directory: /usr/lib64/syslog-ng
Module-Path: /usr/lib64/syslog-ng
Available-Modules:
add-contextual-data,afamqp,affile,afmongodb,afprog,afsocket,afstomp,afuser,basicfuncs,cef,confgen,cryptofuncs,csvparser,date,dbparser,disk-buffer,graphite,json-plugin,kvformat,linux-kmsg-format,pseudofile,sdjournal,syslogformat,system-source
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: off

I have downloaded and extracted Elasticsearch 6.3.0 and placed it in
/usr/local/bin/elasticsearch-6.3.0/. In accordance with this:
"Extract the Elasticsearch libraries into a temporary directory, then
collect the various .jar files into a single directory (for example,
/opt/elasticsearch/lib/) where syslog-ng OSE can access them. You must
specify this directory in the syslog-ng OSE configuration file. The files
are located in the lib directory and its subdirectories of the
Elasticsearch release package." (quoted from Syslog-NG OSE 3.15 Admin
Guide, 7.3.1. Procedure – Prerequisites, Step 3, page 175)
I copied all JAR libraries inside elasticsearch-6.3.0/lib/ to the default
path for syslog-ng plug-ins which is /usr/lib64/syslog-ng as stated below.
Is this not what the step tells me to do?

I get the following error:

#[2018-07-03T11:20:39.403329] Plugin module not found in 'module-path';
module-path='/usr/lib64/syslog-ng', module='mod-java'
Error parsing destination, destination plugin elasticsearch2 not found in
/etc/syslog-ng/syslog-ng.conf at line 141, column 2:

    elasticsearch2(
    ^^^^^^^^^^^^^^

syslog-ng documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
mailing list: https://lists.balabit.hu/mailman/listinfo/syslog-ng

I seem to be missing two necessary plug-ins:
mod-java
elasticsearch2

Where can I get these?
Feel free to request any additional info I might have missed out on.

Sincerely
Niklas Deffner