Hello,

I've written the following example code for ElasticSearch auto discovery
<https://gist.github.com/3133526>.

~ % ./autodiscovery
{"response":{"cluster_name":"elasticsearch","version":{"number":"0.19.7","snapshot_build":false},"transport_address":"inet[/192.168.1.2:9300]","http_address":"inet[/192.168.1.2:9200]","attributes":{}}}


This would really help the resiliency of the omelasticsearch plugin -
currently the logs are sent to a hardcoded IP address. This would enable
omelasticsearch to get a list of cluster members at start, and if they
ever go down, it could get a new IP to send to. For more details about
auto discovery, see:
<http://www.elasticsearch.org/guide/reference/modules/discovery/zen.html>.

I created this example as part of my work integrating ElasticSearch with
our network IDS, and I'm afraid that I don't have the necessary time to
create a patch for omelasticsearch, but I figured I'd share it out in case
anyone was interested.

-- 
Vlad Grigorescu | Senior Security Engineer
Information Security Office | 412.268.1447
Carnegie Mellon University | 0x632E5272




_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
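
Added example, not part of the original message and not the code in the linked gist: one way a client could turn the discovery response shown in the post into an HTTP endpoint to send to. Because any host on the segment can answer a multicast ping, it checks the cluster name and that the address lies in an expected network before using it. The function names, the DiscoveryError class and the allowed-network policy are assumptions for illustration.

```python
import ipaddress
import json
import re

# Sample input: the response printed in the post, rejoined onto one line.
SAMPLE = (
    '{"response":{"cluster_name":"elasticsearch","version":{"number":"0.19.7",'
    '"snapshot_build":false},"transport_address":"inet[/192.168.1.2:9300]",'
    '"http_address":"inet[/192.168.1.2:9200]","attributes":{}}}'
)

# Java socket-address text: "inet[/ip:port]" or "inet[host/ip:port]" (IPv4 only here).
_INET = re.compile(r"^inet\[[^/\]]*/(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\]$")


class DiscoveryError(ValueError):
    """Response is malformed or fails the local policy checks (hypothetical name)."""


def parse_inet(value):
    """Return (IPv4Address, port) parsed from an "inet[...]" string."""
    m = _INET.match(value) if isinstance(value, str) else None
    if not m:
        raise DiscoveryError("unrecognised address: %r" % (value,))
    try:
        ip = ipaddress.IPv4Address(m.group(1))
    except ValueError as exc:
        raise DiscoveryError("bad IP in %r" % value) from exc
    port = int(m.group(2))
    if not 1 <= port <= 65535:
        raise DiscoveryError("bad port in %r" % value)
    return ip, port


def http_endpoint(raw, expected_cluster, allowed_net):
    """Return (host, port) for the node's HTTP address, or raise DiscoveryError."""
    try:
        resp = json.loads(raw)["response"]
        cluster, addr = resp["cluster_name"], resp["http_address"]
    except (ValueError, KeyError, TypeError) as exc:
        raise DiscoveryError("malformed discovery response") from exc
    if cluster != expected_cluster:
        raise DiscoveryError("unexpected cluster %r" % (cluster,))
    ip, port = parse_inet(addr)
    if ip not in ipaddress.ip_network(allowed_net):
        raise DiscoveryError("%s outside %s" % (ip, allowed_net))
    return str(ip), port
```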