[syslog-ng] Java issue with elasticsearch

Komi Elitcha kmw.elitcha at gmail.com
Fri May 25 18:39:45 UTC 2018 

Thank you Gabor,

Your below comments were very helpful and i suspect i've solved the java 
issue (maybe i should open a new thread).

After setting correctly the java env in bashrc, this the output i get 
from #syslog-ng -Fve command:


Error parsing config, syntax error, unexpected $end, expecting ';' in 
/etc/syslog-ng/syslog-ng.conf:
173     log { source(s_src); filter(f_messages); destination(d_messages); };
174
175     log { source(s_src); filter(f_console); destination(d_console_all);
176                         destination(d_xconsole); };
177     log { source(s_src); filter(f_crit); destination(d_console); };
178--->
178---> ^
179     # All messages send to a remote site
180     #
181     #log { source(s_src); destination(d_net); };
182     log { source(s_net); destination(d_es); flags(flow-control); };
183


I cannot see any syntax error (regarding the ';') in my syslong-ng.conf 
file. Is there any know bug related to this. Also, i wonder why "log 
{---}' syntaxes are returning errors.


Regards,




Le 25/05/2018 à 10:20, Nagy, Gábor a écrit :
> Sorry I forgot to link our blog post about common java problems.
> It could help and explain some common errors during installation.
>
> https://syslog-ng.com/blog/troubleshooting-java-support-syslog-ng/
>
> Regards,
> Gabor
>
> On Fri, May 25, 2018 at 11:35 AM, Nagy, Gábor <gabor.nagy at balabit.com 
> <mailto:gabor.nagy at balabit.com>> wrote:
>
>     Hi Komi!
>
>     You need the java package for syslog-ng too: "syslog-ng-mod-java".
>     What is the source of the syslog-ng package you installed?
>
>     You will need additional steps after you have installed the
>     syslog-ng java package.
>     In our admin we have detailed instructions to setup elasticsearch2
>     destination:
>     https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html
>     <https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html>
>
>     Feel free to ask if you got stuck!
>
>     Regards,
>     Gabor
>
>     On Fri, May 25, 2018 at 10:49 AM, Komi Elitcha
>     <kmw.elitcha at gmail.com <mailto:kmw.elitcha at gmail.com>> wrote:
>
>         Good day all,
>
>         I'm new to this mailing list.
>
>         I'm setting up syslong-ng+elasticsearch+kibana on an Ubuntu
>         18.04; i'm getting the following output/error from command:
>         ]#syslog-ng -Fve
>
>
>         Error parsing destination, destination plugin java not found
>         in block destination elasticsearch2 (at
>         /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:58:1):
>         1
>         2----->   java(
>         2----->   ^^^^
>         3
>         class_path("/usr/lib/syslog-ng/3.15/java-modules/*.jar:/usr/lib/syslog-ng/3.15/java-modules/elastic-jest-client/*.jar:/opt/syslog-ng/jre1.8.0_171/lib//*.jar")
>         4
>         class_name("org.syslog_ng.elasticsearch_v2.ElasticSearchDestination")
>         5           option("index", "*log*")
>         6           option("type", "syslog")
>         7           option("server", "localhost")
>
>         Included from /etc/syslog-ng/syslog-ng.conf:
>         90      # Debian only
>         91      destination d_ppp { file("/var/log/ppp.log"); };
>         92
>         93      # Elasticsearch destination
>         94      destination d_es {
>         95---->     elasticsearch2(
>         95---->     ^^^^^^^^^^^^^^^^
>         96                cluster("syslog-ng")
>         97                client-lib-dir("/usr/share/elasticsearch/lib/")
>         98 client-lib-dir("/opt/syslog-ng/jre1.8.0_171/lib/")
>         99                time-zone("UTC")
>         100               cluster-url("http://localhost:9200
>         <http://localhost:9200>")
>
>
>         Any help is welcome.
>
>         Thanks.
>
>         ______________________________________________________________________________
>         Member info:
>         https://lists.balabit.hu/mailman/listinfo/syslog-ng
>         <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>         Documentation:
>         http://www.balabit.com/support/documentation/?product=syslog-ng
>         <http://www.balabit.com/support/documentation/?product=syslog-ng>
>         FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>         <http://www.balabit.com/wiki/syslog-ng-faq>
>
>
>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20180525/ea780737/attachment.html>

More information about the syslog-ng mailing list