Hello Folks,
if I put the below two lines in rsyslog.conf and run a simple executable as
shown
below I do not get any entries in elasticsearch logs.
void main()
{
int i = 0;
setlogmask (LOG_UPTO (LOG_NOTICE));
openlog ("exampleprog", LOG_PID | LOG_NDELAY, LOG_DAEMON);
perror("openlog");
for(i = 0; i < 500000; i++) {
//syslog (LOG_NOTICE, "A tree falls in a forest %d", i);
syslog (LOG_NOTICE, "{ \"@message\":\"A tree falls in a
forest %d\" }", i);
//usleep(200);
}
closelog ();
}
template (name="apsimTemplate" type="list" option.json="on") {
constant(value="{") constant(value="\",\"@message\":\"")
property(name="msg") constant(value="\"}") }
*.* action(type="omelasticsearch" template="apsimTemplate" ) #
searchIndex="srchidx")
whereas if I put the below line in /etc/rsyslog.conf, the lines appear.
jasonlint validates the line in syslog function.
*.* /var/log/elasticsearch/elasticsearch.log
What could be the issue?
thanks
Mahesh
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
