...
- The plugin is located at /installs/tech-preview/es-changes-feed-plugin.zip
- In order to extract the plugin please follow the procedure :
- cd /installs/tech-preview
- unzip es-changes-feed-plugin.zip
- The command will create the following files in the directory /installs/tech-preview :
- MonTierEventsFeedPlugin.zip
- MonTierEventsFeedPlugin.zip.md5
To install plugin just run commands:
cd /app/elasticsearch_base
bin/plugin install file:///installs/tech-preview/MonTierEventsFeedPlugin.zip
Approve the installation by pressing Y to the prompt question "Continue with installation? [y/N]"
To remove plugin issue command : bin/plugin remove file:///installs/tech-preview/MonTierEventsFeedPlugin.zip
Configure each Store node number 2 or 4 as follow:
- cd /app/elasticsearch_nodes/config/MonTier-es-raw-trans-Node-2
- Edit file elasticsearch.yml
add to the end of file the parameters:
Parameter Values Description montier.events.feed.syslog.protocol tcp or udp the protocol used to send syslog montier.events.feed.syslog.host ip addressv4 or valid hostname target syslog agent hostname montier.events.feed.syslog.port integer 1-65535 target syslog agent port montier.events.feed.syslog.ssl false or true enable / disable ssl montier.events.feed.appname text A-Z|a-z|0-9 name - 8 chars syslog application name
Configure syslog agent
For each syslog agent that you have in system perform the following
- cd /app/flume/syslog_agents/conf/MonTier-SyslogAgent-nn/ (replace nn with agent number)
- edit file flume_syslog.conf
- Look in each each agent for rows with pattern : MonTier-SyslogAgent-1.sinks.syslogElasticSinknnn.batchSize = (replace nnn with 1 to 10!!)
- For each row found please add below the line