[syslog-ng] Java issue with elasticsearch
Komi Elitcha
kmw.elitcha at gmail.com
Fri May 25 19:42:55 UTC 2018
Hello Kokan,
I double checked inside '/etc/syslog-ng/syslog-ng.conf' file and i don't
have any '\r' carriage.
Are you pointing me to another conf file?
Regards,
Le 25/05/2018 à 19:10, Kókai Péter a écrit :
> Hello,
>
> You probably have a '\r' carriage return in your configuration, that
> is not supported. Remove it and it should work :)
>
> --
> Kokan
>
> On Fri, May 25, 2018 at 8:59 PM Komi Elitcha <kmw.elitcha at gmail.com
> <mailto:kmw.elitcha at gmail.com>> wrote:
>
> Oups...
>
> Additionally, i'm getting an error saying that syslog-ng-core in
> not configured yet.
>
> I hope i didn't miss anything.
>
> Thanks.
>
>
> Le 25/05/2018 à 18:39, Komi Elitcha a écrit :
>>
>> Thank you Gabor,
>>
>> Your below comments were very helpful and i suspect i've solved
>> the java issue (maybe i should open a new thread).
>>
>> After setting correctly the java env in bashrc, this the output i
>> get from #syslog-ng -Fve command:
>>
>>
>> Error parsing config, syntax error, unexpected $end, expecting
>> ';' in /etc/syslog-ng/syslog-ng.conf:
>> 173 log { source(s_src); filter(f_messages);
>> destination(d_messages); };
>> 174
>> 175 log { source(s_src); filter(f_console);
>> destination(d_console_all);
>> 176 destination(d_xconsole); };
>> 177 log { source(s_src); filter(f_crit);
>> destination(d_console); };
>> 178--->
>> 178---> ^
>> 179 # All messages send to a remote site
>> 180 #
>> 181 #log { source(s_src); destination(d_net); };
>> 182 log { source(s_net); destination(d_es);
>> flags(flow-control); };
>> 183
>>
>>
>> I cannot see any syntax error (regarding the ';') in my
>> syslong-ng.conf file. Is there any know bug related to this.
>> Also, i wonder why "log {---}' syntaxes are returning errors.
>>
>>
>> Regards,
>>
>>
>>
>>
>> Le 25/05/2018 à 10:20, Nagy, Gábor a écrit :
>>> Sorry I forgot to link our blog post about common java problems.
>>> It could help and explain some common errors during installation.
>>>
>>> https://syslog-ng.com/blog/troubleshooting-java-support-syslog-ng/
>>>
>>> Regards,
>>> Gabor
>>>
>>> On Fri, May 25, 2018 at 11:35 AM, Nagy, Gábor
>>> <gabor.nagy at balabit.com <mailto:gabor.nagy at balabit.com>> wrote:
>>>
>>> Hi Komi!
>>>
>>> You need the java package for syslog-ng too:
>>> "syslog-ng-mod-java".
>>> What is the source of the syslog-ng package you installed?
>>>
>>> You will need additional steps after you have installed the
>>> syslog-ng java package.
>>> In our admin we have detailed instructions to setup
>>> elasticsearch2 destination:
>>> https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-elasticsearch2.html
>>>
>>> Feel free to ask if you got stuck!
>>>
>>> Regards,
>>> Gabor
>>>
>>> On Fri, May 25, 2018 at 10:49 AM, Komi Elitcha
>>> <kmw.elitcha at gmail.com <mailto:kmw.elitcha at gmail.com>> wrote:
>>>
>>> Good day all,
>>>
>>> I'm new to this mailing list.
>>>
>>> I'm setting up syslong-ng+elasticsearch+kibana on an
>>> Ubuntu 18.04; i'm getting the following output/error
>>> from command: ]#syslog-ng -Fve
>>>
>>>
>>> Error parsing destination, destination plugin java not
>>> found in block destination elasticsearch2 (at
>>> /usr/share/syslog-ng/include/scl/elasticsearch/plugin.conf:58:1):
>>> 1
>>> 2-----> java(
>>> 2-----> ^^^^
>>> 3
>>> class_path("/usr/lib/syslog-ng/3.15/java-modules/*.jar:/usr/lib/syslog-ng/3.15/java-modules/elastic-jest-client/*.jar:/opt/syslog-ng/jre1.8.0_171/lib//*.jar")
>>> 4
>>> class_name("org.syslog_ng.elasticsearch_v2.ElasticSearchDestination")
>>> 5 option("index", "*log*")
>>> 6 option("type", "syslog")
>>> 7 option("server", "localhost")
>>>
>>> Included from /etc/syslog-ng/syslog-ng.conf:
>>> 90 # Debian only
>>> 91 destination d_ppp { file("/var/log/ppp.log"); };
>>> 92
>>> 93 # Elasticsearch destination
>>> 94 destination d_es {
>>> 95----> elasticsearch2(
>>> 95----> ^^^^^^^^^^^^^^^^
>>> 96 cluster("syslog-ng")
>>> 97 client-lib-dir("/usr/share/elasticsearch/lib/")
>>> 98 client-lib-dir("/opt/syslog-ng/jre1.8.0_171/lib/")
>>> 99 time-zone("UTC")
>>> 100 cluster-url("http://localhost:9200")
>>>
>>>
>>> Any help is welcome.
>>>
>>> Thanks.
>>>
>>> ______________________________________________________________________________
>>> Member info:
>>> https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>> Documentation:
>>> http://www.balabit.com/support/documentation/?product=syslog-ng
>>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>>
>>>
>>>
>>>
>>>
>>> ______________________________________________________________________________
>>> Member info:https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>> Documentation:http://www.balabit.com/support/documentation/?product=syslog-ng
>>> FAQ:http://www.balabit.com/wiki/syslog-ng-faq
>>>
>>
>
> --
> --
> KE
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
--
--
KE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20180525/bea08183/attachment-0001.html>
More information about the syslog-ng
mailing list