[syslog-ng] Trouble configuring elasticsearch2 destination

T4iga niklastai97 at gmail.com
Wed Jul 4 14:31:31 UTC 2018


I did not see your email from 2 minutes before mine. The config I used was
this:
I removed the content of the filters because it contains IP addresses I
would not like to share.
I hope that is not too relevant as per the evaluation.
You can see from the above email that these exact filters do match the
message,
so it should work as far as I can tell.

############### Global options ###############
@version:3.16.1
@include "scl.conf"

options {
        chain_hostnames(off);   # default
        flush_lines(0);         # default
        perm(0640);             # default
        stats_freq(3600);       # default
        threaded(yes);          # default
        create-dirs(yes);       # allows syslog-ng to create new directories if needed
        dir-owner(root);        # the new directories belong to root
        dir-perm(0640);         # corresponds to -rw-r-----, owner: read, write; group: read; others: nothing
        file-template(t_myLoggingFormat); # sets the default template for file destinations
};

############### Sources ###############
# For internal messages
source s_myInternalSource {
        system();       # from the operating system and similar
        internal();     # syslog-ng internal messages
};

# For network messages
source s_myNetworkSource {
        syslog(
                ip(0.0.0.0)      #
                port(601)        # default port for legacy RFC 3164 UDP syslog
                transport("udp") #
        );

        syslog(
                ip(0.0.0.0)      #
                port(514)        # non-standard port
                transport("udp") #
        );

        syslog(
                ip(0.0.0.0)      # does NOT mean that messages are accepted from everyone, see filter
                port(601)        # default port for RFC 5424 TCP syslog is 601
                transport("tcp") # TCP, so that messages are guaranteed to reach the destination
        );
        syslog(
                ip(0.0.0.0)      #
                port(514)        # non-standard port
                transport("tcp") #
        );
        ### UDP ### for Checkpoint
        #syslog(
        #       ip(0.0.0.0)
        #       port(601)
        #       transport("udp")
        #);
        #syslog(
        #       ip(0.0.0.0)
        #       port(514)
        #       transport("udp")
        #);

};

############### Templates ###############
# Layout of the message content for file destinations
template t_myLoggingFormat {
        template("$(padding ${FULLHOST} 15 '')|${ISODATE}|PRI:$(padding ${PRI} 3 '')|${MSGHDR} ${MSG}\n");
};
# Legacy messages are parsed differently
# With the default template the original message is inserted completely into MSG

# For the message path
# File name is day (number within the month)-abbreviation (Mon, Tue, Wed, Thu, Fri, Sat, Sun)
# for example "127.0.0.1/2018/Jan/17-Sat"
template t_destination {
        template("${FULLHOST}/${YEAR}/${YEAR}-${MONTH_ABBREV}-${DAY}.log");
};

############### Filters ###############
# One filter per source
# A filter can be written like this:
# filter <filter-id>
# {"<macro-or-template>" operator "<value-or-macro-or-template>"};
# or with functions
filter f_noDebug {
        level(emerg..info);             # excludes debug messages
};

filter f_networkfilter {
};

filter f_checkpoints {
};


############### Rewrite Rules ######################
rewrite r_checkpoint_remove_irrelevant {
        subst(
                '\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} - ',
                '',
                type("pcre"),
                value("MESSAGE") flags("utf8" "store-matches")
        );

};

############### Destinations ###############
# One destination for each IP address, year, month, day, etc.
destination d_myDestination{
        file("/var/log/syslog-ng/$FULLHOST/$YEAR/$YEAR-$MONTH-$DAY.log"
                create_dirs(yes)
        );
};

destination d_testination{
        file("/var/log/syslog-ng/test/$FULLHOST/$YEAR/$YEAR-$MONTH-$DAY.log"
                create_dirs(yes)
        );
};

############### Log paths ###############
#
log {
        source(s_myNetworkSource);              # for TCP and UDP messages from all clients
        source(s_myInternalSource);             # internal messages
        filter(f_networkfilter);                # only the 10.27.221, 222, 231 and 27 networks
        filter(f_noDebug);                      # everything except debug
        destination(d_myDestination);           # universal destination; see template
};
#
log {   # for testing purposes
        source(s_myNetworkSource);
        filter(f_checkpoints);          # only Checkpoint non-standard
        filter(f_noDebug);
#       rewrite(r_checkpoint_remove_irrelevant);
        destination(d_myDestination);
};


#
#log {  # for testing purposes
#       source(s_myNetworkSource);
#       source { syslog( ip( 0.0.0.0) transport("udp") flags(syslog-protocol)); };
#       destination(d_testination);
#};

############################## END ##############################

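The check made by eye on the `syslog-ng -Fdv` output quoted further down in this message, as an added example (not part of the original post and not syslog-ng code): it re-joins the mail-wrapped trace, groups filter verdicts by `msg` pointer and reports the fatal line. The `UNMATCHED` line is constructed to exercise the drop branch, and the function names are hypothetical.

```python
import re

# Trace as it appears in the quoted report: "> "-quoted and wrapped by the mail
# client, so one syslog-ng event spans several physical lines.
QUOTED_TRACE = """\
> [2018-07-04T16:15:27.124682] <<<<<< filter rule evaluation result;
> result='MATCH - Forwarding message to the next LogPipe', rule='f_noDebug',
> location='/etc/syslog-ng/syslog-ng.conf:85:19', msg='0x7ff5a40168c0'
> [2018-07-04T16:15:27.124696] <<<<<< filter rule evaluation result;
> result='MATCH - Forwarding message to the next LogPipe',
> rule='f_checkpoints', location='/etc/syslog-ng/syslog-ng.conf:98:23',
> msg='0x7ff5a40168c0'
> [2018-07-04T16:15:27.124709] <<<<<< Source side message processing finish;
> instance='0.0.0.0', location='/etc/syslog-ng/syslog-ng.conf:33:2',
> msg='0x7ff5a40168c0'
> Floating point exception (core dumped)
"""

# Constructed line (not from the thread): the same event type for a message
# that a filter rejects.
CONSTRUCTED_DROP = (
    "[2018-07-04T16:15:28.000001] <<<<<< filter rule evaluation result; "
    "result='UNMATCHED - Dropping message from LogPipe', rule='f_noDebug', "
    "location='/etc/syslog-ng/syslog-ng.conf:85:19', msg='0x7ff5a4020000'\n"
)

QUOTE_PREFIX = re.compile(r"^(?:>\s?)+")
EVENT = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\s+(?:[<>]+\s+)?(?P<desc>[^;]+);\s*(?P<tags>.*)$"
)
TAG = re.compile(r"([\w-]+)='([^']*)'")
FATAL = re.compile(r"\(core dumped\)\s*$")


def unwrap(text):
    """Strip mail quote markers and re-join wrapped events, one per record."""
    records = []
    for raw in text.splitlines():
        line = QUOTE_PREFIX.sub("", raw).strip()
        if not line:
            continue
        if line.startswith("[") or FATAL.search(line) or not records:
            records.append(line)          # new event or the fatal line
        else:
            records[-1] += " " + line     # continuation of a wrapped event
    return records


def triage(text):
    """Collect per-message filter verdicts up to the fatal line, if any."""
    messages, fatal, last_event = {}, None, None
    for record in unwrap(text):
        if FATAL.search(record):
            fatal = record
            break                          # the process is gone after this
        m = EVENT.match(record)
        if not m:
            continue
        last_event = m.group("desc").strip()
        tags = dict(TAG.findall(m.group("tags")))
        msg = tags.get("msg")
        if msg is None:
            continue
        state = messages.setdefault(
            msg, {"filters": [], "dropped_by": None, "source_done": False}
        )
        if last_event == "filter rule evaluation result":
            passed = tags.get("result", "").startswith("MATCH")
            state["filters"].append((tags.get("rule"), passed))
            if not passed and state["dropped_by"] is None:
                state["dropped_by"] = tags.get("rule")
        elif last_event == "Source side message processing finish":
            state["source_done"] = True
    return {"messages": messages, "fatal": fatal, "last_event": last_event}


def verdict(report, msg):
    """One-line conclusion for a message pointer seen in the trace."""
    state = report["messages"][msg]
    if state["dropped_by"]:
        return "dropped by filter " + state["dropped_by"]
    if report["fatal"] and state["source_done"]:
        return "passed all filters; process died after source-side processing"
    return "passed all filters seen so far"


if __name__ == "__main__":
    report = triage(CONSTRUCTED_DROP + QUOTED_TRACE)
    for pointer in report["messages"]:
        print(pointer, "->", verdict(report, pointer))
    print("fatal:", report["fatal"])
```

For the quoted trace the result is that the message passed both filters before the process died, so the empty file destination is not explained by the filters.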

2018-07-04 16:21 GMT+02:00 T4iga <niklastai97 at gmail.com>:

> Hi,
>
> I uninstalled and reinstalled 3.16.1 as soon as it was available. The
> issue of no logging currently persists.
>
> running
> syslog-ng -Fdv
> always ends in
> [2018-07-04T16:15:27.124682] <<<<<< filter rule evaluation result;
> result='MATCH - Forwarding message to the next LogPipe', rule='f_noDebug',
> location='/etc/syslog-ng/syslog-ng.conf:85:19', msg='0x7ff5a40168c0'
> [2018-07-04T16:15:27.124696] <<<<<< filter rule evaluation result;
> result='MATCH - Forwarding message to the next LogPipe',
> rule='f_checkpoints', location='/etc/syslog-ng/syslog-ng.conf:98:23',
> msg='0x7ff5a40168c0'
> [2018-07-04T16:15:27.124709] <<<<<< Source side message processing finish;
> instance='0.0.0.0', location='/etc/syslog-ng/syslog-ng.conf:33:2',
> msg='0x7ff5a40168c0'
> Floating point exception (core dumped)
>
> and there are no messages written to the (local) file destination.
> Could this be another issue with the build or is that my config?
> The odd thing is I already reverted to an older config which was
> previously verified functional
>
> Sincerely
> Niklas Deffner
>
> 2018-07-04 15:37 GMT+02:00 Niklas Deffner <niklastai97 at gmail.com>:
>
>>
>> Hi,
>>
>> Thank you for the explanation.
>>
>> Is that also the reason why logging (in my case) does not work at all in
>> this current state, no matter the config used, even 'crashless'?
>>
>> Sincerely
>> Niklas Deffner
>>
>>
>> On 4 July 2018 15:29:10 CEST, "Szemere, László" <
>> laszlo.szemere at balabit.com> wrote:
>>>
>>> Hello T4iga,
>>>  Your error message helped a lot, Thank You. It successfully led us
>>> here: https://github.com/balabit/syslog-ng/blob/41f7c202cb25433feb0fa9496960599a53b58522/modules/java/native/java-class-loader.c#L51
>>>  From this @Czanik and I figured out it was a configuration/packaging
>>> error. Peter immediately created a new build, which worked well on his
>>> local machine.
>>>  The opensuse building is still running: https://build.opensuse.org/package/show/home:czanik:syslog-ng316/syslog-ng , please update
>>> your packages with the finished output.
>>>
>>> Best regards,
>>> Laci
>>>
>>>
>>> On Wed, Jul 4, 2018 at 10:51 AM, T4iga <niklastai97 at gmail.com> wrote:
>>>
>>>> 2018-07-04 10:23 GMT+02:00 Fabien Wernli <wernli at in2p3.fr>:
>>>>
>>>>> In order to put aside any systemd complexities,
>>>>> let's try to run syslog-ng in the foreground:
>>>>>
>>>>>     export LD_LIBRARY_PATH=/usr/lib64/jvm/java-1.8.0-openjdk-1.8.0/jre/lib/amd64/server
>>>>>     syslog-ng -Fdv
>>>>>
>>>>> What happens then?
>>>>>
>>>>> ______________________________________________________________________________
>>>>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>>>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
>>>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>>>>
>>>>>
>>>> I got an error that led me to correct another semantic error I made.
>>>> After correcting that it still crashes:
>>>> I suppose the initialization stuff is irrelevant as there are no
>>>> errors apart from the end:
>>>>
>>>> [2018-07-04T10:37:37.193736] Java machine new;
>>>> [2018-07-04T10:37:37.242506] Can't find class;
>>>> class_name='org/syslog_ng/SyslogNgClassLoader'
>>>> **
>>>> ERROR:modules/java/native/java_machine.c:206:java_machine_get_class_loader:
>>>> assertion failed: (self->loader)
>>>> Aborted (core dumped)
>>>>
>>>> Just in case the full thing is needed:
>>>>
>>>> multiple times, dropping the old one; context='parser', name='json-parser'
>>>> [2018-07-04T10:37:37.188827] Attempted to register the same plugin
>>>> multiple times, dropping the old one; context='template-func',
>>>> name='format_json'
>>>> [2018-07-04T10:37:37.188830] Module loaded and initialized
>>>> successfully; module='json-plugin'
>>>> [2018-07-04T10:37:37.189032] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/ewmm/ewmm.conf', depth='2'
>>>> [2018-07-04T10:37:37.189043] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/graphite/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189093] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/graphite/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189103] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/graylog2/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189137] Attempted to register the same plugin
>>>> multiple times, dropping the old one; context='parser', name='json-parser'
>>>> [2018-07-04T10:37:37.189142] Attempted to register the same plugin
>>>> multiple times, dropping the old one; context='template-func',
>>>> name='format_json'
>>>> [2018-07-04T10:37:37.189145] Module loaded and initialized
>>>> successfully; module='json-plugin'
>>>> [2018-07-04T10:37:37.189284] Module loaded and initialized
>>>> successfully; module='basicfuncs'
>>>> [2018-07-04T10:37:37.189316] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/graylog2/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189328] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/hdfs/plugin.conf', depth='2'
>>>> [2018-07-04T10:37:37.189403] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/hdfs/plugin.conf', depth='2'
>>>> [2018-07-04T10:37:37.189413] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/iptables/iptables.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189478] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/iptables/iptables.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189488] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/kafka/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189548] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/kafka/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189558] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/loadbalancer/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189681] Module loaded and initialized
>>>> successfully; module='confgen'
>>>> [2018-07-04T10:37:37.189703] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/loadbalancer/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189715] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/loggly/loggly.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189776] Attempted to register the same plugin
>>>> multiple times, dropping the old one; context='parser', name='json-parser'
>>>> [2018-07-04T10:37:37.189781] Attempted to register the same plugin
>>>> multiple times, dropping the old one; context='template-func',
>>>> name='format_json'
>>>> [2018-07-04T10:37:37.189785] Module loaded and initialized
>>>> successfully; module='json-plugin'
>>>> [2018-07-04T10:37:37.189815] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/loggly/loggly.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189825] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/logmatic/logmatic.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189893] Attempted to register the same plugin
>>>> multiple times, dropping the old one; context='parser', name='json-parser'
>>>> [2018-07-04T10:37:37.189897] Attempted to register the same plugin
>>>> multiple times, dropping the old one; context='template-func',
>>>> name='format_json'
>>>> [2018-07-04T10:37:37.189900] Module loaded and initialized
>>>> successfully; module='json-plugin'
>>>> [2018-07-04T10:37:37.189926] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/logmatic/logmatic.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.189936] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/mbox/mbox.conf', depth='2'
>>>> [2018-07-04T10:37:37.189980] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/mbox/mbox.conf', depth='2'
>>>> [2018-07-04T10:37:37.189990] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/nodejs/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190038] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/nodejs/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190048] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/osquery/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190136] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/osquery/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190146] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/pacct/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190189] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/pacct/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190198] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/rewrite/cc-mask.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190246] Global value changed;
>>>> define='balabit.credit-card-regexp',
>>>> value='(:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35d{3})d{11})'
>>>> [2018-07-04T10:37:37.190280] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/rewrite/cc-mask.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190289] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/snmptrap/snmptrapd-source.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190340] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/snmptrap/snmptrapd-source.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190350] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/solaris/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190400] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/solaris/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190410] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/sudo/sudo.conf', depth='2'
>>>> [2018-07-04T10:37:37.190472] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/sudo/sudo.conf', depth='2'
>>>> [2018-07-04T10:37:37.190482] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/syslogconf/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190539] Module loaded and initialized
>>>> successfully; module='confgen'
>>>> [2018-07-04T10:37:37.190545] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/syslogconf/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190554] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/system/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190593] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/system/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190601] Starting to read include file;
>>>> filename='/usr/share/syslog-ng/include/scl/windowseventlog/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190643] Finishing include;
>>>> filename='/usr/share/syslog-ng/include/scl/windowseventlog/plugin.conf',
>>>> depth='2'
>>>> [2018-07-04T10:37:37.190661] Global value changed;
>>>> define='java-module-dir', value='/usr/lib64/syslog-ng/java-modules'
>>>> [2018-07-04T10:37:37.190667] Finishing include;
>>>> filename='/etc/syslog-ng/scl.conf', depth='1'
>>>> [2018-07-04T10:37:37.190862] Module loaded and initialized
>>>> successfully; module='system-source'
>>>> [2018-07-04T10:37:37.190952] Module loaded and initialized
>>>> successfully; module='sdjournal'
>>>> [2018-07-04T10:37:37.190996] Finishing include; content='parser
>>>> generator app-parser', depth='2'
>>>> [2018-07-04T10:37:37.191184] Module loaded and initialized
>>>> successfully; module='kvformat'
>>>> [2018-07-04T10:37:37.191201] Finishing include; content='block parser
>>>> iptables-parser() at /usr/share/syslog-ng/include/scl/iptables/iptables.conf:23',
>>>> depth='3'
>>>> [2018-07-04T10:37:37.191329] Module loaded and initialized
>>>> successfully; module='csvparser'
>>>> [2018-07-04T10:37:37.191357] Finishing include; content='block parser
>>>> sudo-parser() at /usr/share/syslog-ng/include/scl/sudo/sudo.conf:23',
>>>> depth='3'
>>>> [2018-07-04T10:37:37.191380] Finishing include; content='parser
>>>> generator app-parser', depth='2'
>>>> [2018-07-04T10:37:37.191404] Finishing include; content='source
>>>> generator system', depth='1'
>>>> [2018-07-04T10:37:37.191591] Module loaded and initialized
>>>> successfully; module='afsocket'
>>>> [2018-07-04T10:37:37.192042] Module loaded and initialized
>>>> successfully; module='dbparser'
>>>> [2018-07-04T10:37:37.192158] Module loaded and initialized
>>>> successfully; module='affile'
>>>> [2018-07-04T10:37:37.192370] Finishing include; content='block
>>>> destination elasticsearch2() at /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:59',
>>>> depth='1'
>>>> [2018-07-04T10:37:37.192738] Module loaded and initialized
>>>> successfully; module='syslogformat'
>>>> [2018-07-04T10:37:37.192935] Accepting connections;
>>>> addr='AF_INET(0.0.0.0:601)'
>>>> [2018-07-04T10:37:37.192970] Accepting connections;
>>>> addr='AF_INET(0.0.0.0:514)'
>>>> [2018-07-04T10:37:37.193423] Seeking the journal to the last cursor
>>>> position;
>>>> cursor='s=df2c9187264b4bb0a3addd9aa8fc2c71;i=6d55c;b=4458f1142e1f48c0895f522ab1182866;m=87d9f8fec7;t=57028562edb9b;x=4373623fa660b876'
>>>> [2018-07-04T10:37:37.193676] Log pattern database reloaded;
>>>> file='/opt/syslog-ng/etc/patterndb.xml', version='3',
>>>> pub_date='2010-07-13'
>>>> [2018-07-04T10:37:37.193712] Processing the time zone file (32bit
>>>> part); filename='/usr/share/zoneinfo/UTC'
>>>> [2018-07-04T10:37:37.193736] Java machine new;
>>>> [2018-07-04T10:37:37.242506] Can't find class;
>>>> class_name='org/syslog_ng/SyslogNgClassLoader'
>>>> **
>>>> ERROR:modules/java/native/java_machine.c:206:java_machine_get_class_loader:
>>>> assertion failed: (self->loader)
>>>> Aborted (core dumped)
>>>
>> --
>> This message was sent from my Android device with K-9 Mail.
>>
>
>