Crap... I'm sorry. Noobish indeed. Didn't even realized there was a separate group. I'll post it over there. Thanks!
On Wednesday, November 12, 2014 9:14:34 AM UTC-6, Andrew Stacey wrote: > > This is probably a very noobish question. I just starting playing with an > ELK stack I have set up on Centos 7. All the core services seem to be > working but I can't seem to get it to receive syslog messages. I have both > selinux and the firewall turned off (just a local lab right now). Netstat > -nlp does not show anything listening on port 514. > > According to the logstash book, I need to add the following syslog input > plugin > > syslog { > type => syslog > port => 5514 > } > > > in /etc/logstash/conf.d/central.conf but that file does not exist on my > machine. The only files in that directory are named > 01-lumberjack-input.conf. 10-syslog.conf, and 30-lumberjack-output.conf. > Looking inside those three, it does not look like putting anything there > will help, though I did try adding the above code in the > 01-lumberjack-input.conf to no affect. > > Before I wasted a ton of time overlooking something simple, does anyone > who has set up logstash see what piece I am missing to enable to receipt of > syslog entries? I have two device trying to send the data, one a sonicwall > firewall, the other is just a windows machine using nxlog. The nxlog.log > file throws the following error: > > ERROR couldn't connect to tcp socket on 10.1.10.154:514; No connection > could be made because the target machine actively refused it. > > So I am sure I am at least sending some data to Logstash. I'm sure it is > something simple I missed but for the life of me just can't see it. > > > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/5cc9750e-11ac-4c76-ad31-eeda43e5cd38%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.