----- Original Message ----- > From: "Rainer Gerhards" <rgerha...@hq.adiscon.com> > To: "rsyslog-users" <rsyslog@lists.adiscon.com> > Sent: Tuesday, April 8, 2014 1:45:41 AM > Subject: Re: [rsyslog] elasticsearch RPM for el5 > > On Tue, Apr 8, 2014 at 1:53 AM, Mike Hoskins (michoski) > <micho...@cisco.com>wrote: > > > -----Original Message----- > > From: Andre Lorbach <alorb...@adiscon.com> > > Reply-To: "alorb...@adiscon.com" <alorb...@adiscon.com>, > > rsyslog-users > > <rsyslog@lists.adiscon.com> > > Date: Monday, April 7, 2014 at 10:19 AM > > To: rsyslog-users <rsyslog@lists.adiscon.com> > > Subject: Re: [rsyslog] elasticsearch RPM for el5 > > > > >Elasticsearch requires libuuid and libcurl,. Either one or both of > > >these > > >libs were outdated and could not be rebuild from newer sources > > >easily. So > > >I had to remove support for elasticsearch on EHEL5. > > > > I'm almost entirely on CentOS 6.x now so don't care personally, but > > it's > > ashame...since RHEL/CentOS 5.x is not "old" by any means, 5.10 was > > just > > released end of last year, and it's pretty reasonable to expect > > larger > > enterprises -- which are probably also the ones who would fund > > projects -- > > > > I like this "theory of funding". Actually, nobody objects trying to > work on > this if the project is funded, and if a sponsor would come up and > request > that this and that feature must be available on RHEL 5 AND fund that > work, > we'd be more than happy to do that. The plain fact is that this is a > myth. > Nobody wants to fund such work, which IMHO is also a very good > conclusion > that nobody *seriously* wants it. > > Rainer > > > > not to jump to the latest releases too quickly. (Well maybe not > > reasonable, but giant tortoises move slowly in my experience... > > :-) )
oddly enough, elasticsearch itself didn't slow me down.. I simply grabbed the RPM from their repo and drove on - no libcurl or libuuid required. I went ahead and built rsyslog-8.2.0 from source (albeit I had to remove rfc3195 from my compile) and got everything up and running. I then went back and tried to compile rsyslog-7.6.3 with ES support, since I'm currently running 7.x in production.. but I found rst2man is required and doesn't seem to exist in python-docutils under RHEL5. So.. 7.x requires something that 8.x doesn't - at least to build from source. I found that mildly entertaining :) So now that I have rsyslog pumping data into ES and Kibana to view it all, I'm left wanting more labeling/tagging/indexing of various logs, and not just CEE-enhanced logs. -- Rick Brown Office of Information Technology Georgia Institute of Technology _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
