[syslog-ng] logger-ng needed
Ed Ravin
eravin at panix.com
Mon Oct 10 18:39:46 CEST 2005
On Mon, Oct 10, 2005 at 07:13:51AM -0700, Evan Rempel wrote:
> This is a little off topic for syslog-ng, but I bring it up here because
> syslog-ng has 90% of the code already written to accomplish this.
>
> I need a tool to get data into my syslog-ng architecture. There are a
> number of programs that log to files or that standard output only. I can
> use tools like chronolog to manage the rollover of the files but that does
> not get the data into syslog-ng. I can pipe the data into "logger
> -pxxx.yyy -tag zzz" but this sends all of the messages with the same
> priority.
>
> I would like a tool that can filter the input using regular expressions
> and then syslog the message to a specified facility.level and tag.
I wrote a tool a while back called "relogger.pl" which takes an existing
syslog data file and re-injects each line back into syslog. It was meant
for testing logsurfer or anything else that parsed syslog data, so you
could have a "test" stream of log data sent in real-time. It's basically
the same idea as logger, but it parses the data and can do things like
figure out the delay between two messages and simulate the delay when
re-logging the message.
It almost does what you want - except right now it only reads
syslog-formatted files. You'd have to teach it how to deal with normal
text files, and then add parsing for the data in question - maybe add a
command line option like:
"--facilitymatch /PATTERN/=crit" (if data matches PATTERN, syslog it
with facility "crit").
relogger.pl is attached.
-- Ed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: relogger.pl
Type: application/x-perl
Size: 4947 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20051010/a9a3a567/relogger-0001.bin
More information about the syslog-ng
mailing list