( Yes, I've seen syslog-ng does not recognize "python" keyword . However, 1) the mentioned solution doesn't help me because I checked and mod-python is loaded, and 2) it applies to file destination rather than the parser)
After having some trouble getting syslog-ng to output to a program someone pointed out that syslog-ng has the ability to incorporate Python code in a parser and directed me at https://www.balabit.com/documents/syslog-ng-pe-latest-guides/en/syslog-ng-pe-guide-admin/html/python-parser.html .
However, even the example script failed to work with the error message:
Error parsing parser expression, parser plugin python not found in /etc/syslog-ng/conf.d/50-python.conf at line 2, column 2:
included from /etc/syslog-ng/syslog-ng.conf line 162, column 1
python(class("brocadeParser"));
^^^^^^
I googled for the error message, and I checked the above SE question. However, after running syslog-ng -V I found that the python module was in fact loaded:
syslog-ng 3.8.1
Installer-Version: 3.8.1
Revision: 3.8.1-10
Module-Directory: /usr/lib/syslog-ng/3.8
Module-Path: /usr/lib/syslog-ng/3.8
Available-Modules: linux-kmsg-format,riemann,grok-parser,basicfuncs,cryptofuncs,redis,system-source,afuser,geoip-plugin,mod-python,graphite,afstomp,pseudofile,date,afsocket,kvformat,confgen,afprog,syslogformat,add-contextual-data,sdjournal,json-plugin,afsmtp,affile,afamqp,dbparser,disk-buffer,afsql,csvparser,cef,afmongodb
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: off
Does anyone have any suggestions at what might be wrong?
