[syslog-ng] Difficulty with Elasticsearch Destination
Kelly Marchewa
kelly_marchewa at yahoo.com
Sun Jun 16 01:19:05 UTC 2019
Greetings all:
I recently installed syslog-ng on my Debian 9 system. I have tested
syslog-ng with a file destination and everything seemed fine. Now, I am
attempting to set the destination to my local Elasticsearch instance.
However, I am receiving the following error:
    Error parsing destination, destination plugin elasticsearch-http not found in /etc/syslog-ng/syslog-ng.conf at line 44, column 1:
    elasticsearch-http(
    ^^^^^^^^^^^^^^^^^^
My configuration, based on the documentation:
    elasticsearch-http(
        index("syslog")
        type("test")
        url("http://localhost:9200/_bulk"));
    };
Output of syslog-ng --version:
    syslog-ng 3.8.1
    Installer-Version: 3.8.1
    Revision: 3.8.1-10
    Module-Directory: /usr/lib/syslog-ng/3.8
    Module-Path: /usr/lib/syslog-ng/3.8
    Available-Modules: disk-buffer,redis,date,afstomp,afprog,afsocket,pseudofile,confgen,csvparser,afsql,kvformat,geoip-plugin,afuser,afsmtp,system-source,mod-python,afamqp,riemann,linux-kmsg-format,dbparser,basicfuncs,syslogformat,graphite,afmongodb,json-plugin,cryptofuncs,affile,sdjournal,cef,add-contextual-data
    Enable-Debug: off
    Enable-GProf: off
    Enable-Memtrace: off
    Enable-IPv6: on
    Enable-Spoof-Source: on
    Enable-TCP-Wrapper: on
    Enable-Linux-Caps: off
I saw no indication in the documentation that any special
modules/plugins needed to be loaded to use Elasticsearch as the
destination. Any pointers as to what the issue is would be appreciated.
Thanks!
--
Kelly Marchewa
kelly_marchewa at yahoo.com