[syslog-ng] Java issue with elasticsearch

Komi Elitcha kmw.elitcha at gmail.com
Fri May 25 18:59:02 UTC 2018 

Oups...

Additionally, i'm getting an error saying that syslog-ng-core in not 
configured yet.

I hope i didn't miss anything.

Thanks.


Le 25/05/2018 à 18:39, Komi Elitcha a écrit :
>
> Thank you Gabor,
>
> Your below comments were very helpful and i suspect i've solved the 
> java issue (maybe i should open a new thread).
>
> After setting correctly the java env in bashrc, this the output i get 
> from #syslog-ng -Fve command:
>
>
> Error parsing config, syntax error, unexpected $end, expecting ';' in 
> /etc/syslog-ng/syslog-ng.conf:
> 173     log { source(s_src); filter(f_messages); 
> destination(d_messages); };
> 174
> 175     log { source(s_src); filter(f_console); 
> destination(d_console_all);
> 176                         destination(d_xconsole); };
> 177     log { source(s_src); filter(f_crit); destination(d_console); };
> 178--->
> 178---> ^
> 179     # All messages send to a remote site
> 180     #
> 181     #log { source(s_src); destination(d_net); };
> 182     log { source(s_net); destination(d_es); flags(flow-control); };
> 183
>
>
> I cannot see any syntax error (regarding the ';') in my 
> syslong-ng.conf file. Is there any know bug related to this. Also, i 
> wonder why "log {---}' syntaxes are returning errors.
>
>
> Regards,
>
>
>
>
> Le 25/05/2018 à 10:20, Nagy, Gábor a écrit :
>> Sorry I forgot to link our blog post about common java problems.
>> It could help and explain some common errors during installation.
>>
>> https://syslog-ng.com/blog/troubleshooting-java-support-syslog-ng/
>>
>> Regards,
>> Gabor
>>
>> On Fri, May 25, 2018 at 11:35 AM, Nagy, Gábor <gabor.nagy at balabit.com 
>> <mailto:gabor.nagy at balabit.com>> wrote:
>>
>>     Hi Komi!
>>
>>     You need the java package for syslog-ng too: "syslog-ng-mod-java".
>>     What is the source of the syslog-ng package you installed?
>>
>>     You will need additional steps after you have installed the
>>     syslog-ng java package.
>>     In our admin we have detailed instructions to setup
>>     elasticsearch2 destination:
>>     https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html
>>     <https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html>
>>
>>     Feel free to ask if you got stuck!
>>
>>     Regards,
>>     Gabor
>>
>>     On Fri, May 25, 2018 at 10:49 AM, Komi Elitcha
>>     <kmw.elitcha at gmail.com <mailto:kmw.elitcha at gmail.com>> wrote:
>>
>>         Good day all,
>>
>>         I'm new to this mailing list.
>>
>>         I'm setting up syslong-ng+elasticsearch+kibana on an Ubuntu
>>         18.04; i'm getting the following output/error from command:
>>         ]#syslog-ng -Fve
>>
>>
>>         Error parsing destination, destination plugin java not found
>>         in block destination elasticsearch2 (at
>>         /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:58:1):
>>         1
>>         2----->   java(
>>         2----->   ^^^^
>>         3
>>         class_path("/usr/lib/syslog-ng/3.15/java-modules/*.jar:/usr/lib/syslog-ng/3.15/java-modules/elastic-jest-client/*.jar:/opt/syslog-ng/jre1.8.0_171/lib//*.jar")
>>         4
>>         class_name("org.syslog_ng.elasticsearch_v2.ElasticSearchDestination")
>>         5           option("index", "*log*")
>>         6           option("type", "syslog")
>>         7           option("server", "localhost")
>>
>>         Included from /etc/syslog-ng/syslog-ng.conf:
>>         90      # Debian only
>>         91      destination d_ppp { file("/var/log/ppp.log"); };
>>         92
>>         93      # Elasticsearch destination
>>         94      destination d_es {
>>         95---->     elasticsearch2(
>>         95---->     ^^^^^^^^^^^^^^^^
>>         96                cluster("syslog-ng")
>>         97                client-lib-dir("/usr/share/elasticsearch/lib/")
>>         98 client-lib-dir("/opt/syslog-ng/jre1.8.0_171/lib/")
>>         99                time-zone("UTC")
>>         100               cluster-url("http://localhost:9200
>>         <http://localhost:9200>")
>>
>>
>>         Any help is welcome.
>>
>>         Thanks.
>>
>>         ______________________________________________________________________________
>>         Member info:
>>         https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>         <https://lists.balabit.hu/mailman/listinfo/syslog-ng>
>>         Documentation:
>>         http://www.balabit.com/support/documentation/?product=syslog-ng
>>         <http://www.balabit.com/support/documentation/?product=syslog-ng>
>>         FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>         <http://www.balabit.com/wiki/syslog-ng-faq>
>>
>>
>>
>>
>>
>> ______________________________________________________________________________
>> Member info:https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ:http://www.balabit.com/wiki/syslog-ng-faq
>>
>

-- 
--
KE

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20180525/79125bba/attachment-0001.html>

More information about the syslog-ng mailing list