Re: [rsyslog] Rsyslog w/ logstash-elasticsearch-kibana server

Tue, 29 Apr 2014 16:21:12 -0700 

On Tue, 29 Apr 2014, Josh Bitto wrote:
I didn't have it running, but I added it and waiting on the 10 minute interval. If I set it to 300 would be go down to 5 minutes? 


Yes, for a test like this where it doesn't look like anything is getting 
through, I'd suggest setting it to something really short, say 10s so that you 
can debug quickly


David Lang


-----Original Message-----
From: [email protected] 
[mailto:[email protected]] On Behalf Of David Lang
Sent: Tuesday, April 29, 2014 4:10 PM
To: rsyslog-users
Subject: Re: [rsyslog] Rsyslog w/ logstash-elasticsearch-kibana server

On Tue, 29 Apr 2014, Josh Bitto wrote:


Ok so after everyone's input I decided to go with 
Rsyslog->Elasticsearch->Kibana setup.

So I'm running CentOS 6.5 with apache. On a virtualbox machine.
Rsyslog version rsyslog-7.6.3-1.el6.x86_64 Kibana and elasticsearch
are the latest editions. I added a repo to just do a yum install of ES, and 
kibana is in my webroot directory.

Basically I've just created a test server to see how well the setup will be 
compared to a live server and I'm running into some issues. I've followed the 
instructions from here.
http://blog.sematext.com/2013/07/01/recipe-rsyslog-elasticsearch-kibana/ and I 
added the config part in that tutorial to the rsyslog.conf.

I've tested to make sure that rsyslog is running "logger blah blah blah" at the 
command line and It returns in the messages logs. So I think where I'm missing is from 
rsyslog to elasticsearch..

When I go to my kibana webpage and try to search for logs that I know are there 
it doesn't return anything.

Here is my rsyslog.conf


do you have impstats running? what does it have to say about the action to put 
logs into elasticsearch?

David Lang
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.


_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.




























					Reply via email to