I have set up a syslog-ng server on Ubuntu and am collecting logs from a firewall on the syslog-ng server, and I want to forward those logs to a Kafka topic.
sudo apt-get install syslog-ng-core
sudo apt-get install -y syslog-ng-mod-python
syslog-ng 3 (3.31.2)
Config version: 3.29
Installer-Version: 3.31.2
Revision: 3.31.2-1
Compile-Date: Mar 17 2021 16:37:02
Module-Directory: /usr/lib/syslog-ng/3.31
Module-Path: /usr/lib/syslog-ng/3.31
Include-Path: /usr/share/syslog-ng/include
Available-Modules: tags-parser,sdjournal,basicfuncs,affile,pacctformat,appmodel,mod-python,hook-commands,timestamp,dbparser,kvformat,json-plugin,linux-kmsg-format,afprog,system-source,pseudofile,cef,syslogformat,cryptofuncs,afsocket,afuser,csvparser,confgen,disk-buffer
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: on
Enable-Systemd: on
options {
    create_dirs(yes);
    owner(ubuntu);
    group(ubuntu);
    perm(0640);
    dir_owner(ubuntu);
    dir_group(ubuntu);
    dir_perm(0750);
};
source s_net {
    tcp(ip(0.0.0.0) port(514));
    udp(ip(0.0.0.0) port(514));
};
destination d_host-specific {
    python(
        class("syslogng_kafka.kafkadriver.KafkaDestination")
        on-error("fallback-to-string")
        options(
            hosts "localhost:9092"
            topic "syslog-events"
        )
    );
};
log {
    source(s_net);
    destination(d_host-specific);
};
But when I try to restart the syslog-ng server, it throws an error like this:
Jul 26 18:10:51 ubuntu systemd[1]: Stopped System Logger Daemon.
Jul 26 18:10:51 ubuntu systemd[1]: Starting System Logger Daemon...
Jul 26 18:10:51 ubuntu syslog-ng[2365]: Default broker version fallback 0.9.0.1 will be applied here.
Jul 26 18:10:51 ubuntu systemd[1]: Started System Logger Daemon.
Jul 26 18:10:51 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:52 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:53 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:53 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:54 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:55 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:55 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:56 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:57 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:57 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:58 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:59 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:10:59 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:00 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:01 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:01 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:02 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:03 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:03 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:04 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:05 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:05 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:06 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:07 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:07 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
Jul 26 18:11:08 ubuntu syslog-ng[2365]: Your version of syslog-ng is not supported. Please use syslog-ng 3.7.x
I also tried installing the latest syslog-ng server, but it throws an error:
syslog-ng: error while loading shared libraries: libsyslog-ng-3.33.so.0: cannot open shared object file: No such file or directory
Can anyone please help me figure out the problem?