[syslog-ng] [FORGED] [FORGED] [FORGED] errors with elasticsearch_http on 2.21 & 3.22 -- correction
Russell Fulton
r.fulton at auckland.ac.nz
Wed Apr 1 18:48:51 UTC 2020
On 31/03/2020, at 7:05 PM, Antal Nemes (anemes) <Antal.Nemes at oneidentity.com<mailto:Antal.Nemes at oneidentity.com>> wrote:
Just another idea that may give a clue.
If you start syslog-ng with foreground with debug and trace leve (syslog-ng -Fevdt)l, syslog-ng
a couple more data points:
/usr/local/syslog-ng-3.26.1/sbin/syslog-ng -Fedv -s -f ~/short.conf
gives no errors and includes
[2020-04-01T15:06:30.869576] Reading shared object for a candidate module; path='/usr/local/syslog-ng-3.26.1/lib/syslog-ng', fname='libhttp.so', module='http'
[2020-04-01T15:06:30.871503] Registering candidate plugin; module='http', context='destination', name='http'
endis with:
[2020-04-01T15:06:30.892770] Starting to read include file; filename='/usr/local/syslog-ng-3.26.1/share/syslog-ng/include/scl/syslogconf/plugin.conf', depth='2'
[2020-04-01T15:06:30.893592] Module loaded and initialized successfully; module='confgen'
[2020-04-01T15:06:30.894031] Finishing include; filename='/usr/local/syslog-ng-3.26.1/share/syslog-ng/include/scl/syslogconf/plugin.conf', depth='2'
[2020-04-01T15:06:30.894188] Finishing include; filename='/usr/local/syslog-ng-3.26.1/etc/scl.conf', depth='1'
[2020-04-01T15:06:30.894717] Module loaded and initialized successfully; module='afsocket'
Error parsing destination statement, destination plugin elasticsearch_http not found in /home/rful011/short.conf:11:3-11:21:
6 network( transport("tcp") flags(no-multi-line) port(1514) keep-alive(yes));
7 };
8
9
10 destination d_elastic {
11----> elasticsearch_http(
11----> ^^^^^^^^^^^^^^^^^^
and
rful011 at secmgrprd02:~$ /usr/local/syslog-ng/sbin/syslog-ng -V -s -f ~/short.conf
syslog-ng 3 (3.26.1)
Config version: 3.22
Installer-Version: 3.26.1
Revision:
Compile-Date: Mar 31 2020 08:54:40
Module-Directory: /usr/local/syslog-ng-3.26.1/lib/syslog-ng
Module-Path: /usr/local/syslog-ng-3.26.1/lib/syslog-ng
Include-Path: /usr/local/syslog-ng-3.26.1/share/syslog-ng/include
Available-Modules: add-contextual-data,affile,afprog,afsocket,afstomp,afuser,appmodel,azure-auth-header,basicfuncs,cef,confgen,cryptofuncs,csvparser,timestamp,dbparser,disk-buffer,examples,geoip2-plugin,tfgetent,graphite,hook-commands,http,json-plugin,kvformat,linux-kmsg-format,map-value-pairs,pseudofile,mod-python,snmptrapd-parser,stardate,syslogformat,system-source,tags-parser,xml
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: off
Enable-TCP-Wrapper: off
Enable-Linux-Caps: off
Enable-Systemd: off
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20200401/91193cf3/attachment.html>
More information about the syslog-ng
mailing list