[syslog-ng] syslog-ng GUI

Ken Garland kenneth.garland at rotech.com
Thu May 11 20:09:05 CEST 2006


If you are splitting all logs up into subdirs like that you will have
quite a fun time doing any parsing. I use php-syslog-ng, which is
piped from mysql and set up as follows in the conf:

source s_tcp { tcp(); };
source s_udp { udp(); };
source s_local { unix-stream("/dev/log"); internal(); };

# template-escape(yes) escapes quote characters in macro values so that
# log text stays inside the quoted SQL strings
destination d_mysql {
         pipe("/var/log/mysql.pipe"
              template("INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
              template-escape(yes));
};

log {
         source(s_tcp);
         destination(d_mysql);
};

log {
         source(s_udp);
         destination(d_mysql);
};

I have filters and other log facilities set up, but this is the basic
layout; the docs on the php-syslog-ng site are very simple to follow.
I was going to try splunk, but many of the times I find that I'm in
the shell doing my reports and searches against the log file.


On May 11, 2006, at 8:51 AM, Arya, Manish Kumar wrote:

> Hi Guys,
>
>    I am storing logs on a central server having 3T
> SAN,
> using following template
>
> destination indexlog {
>     file("/logs/log01/indexlog/$YEAR/$MONTH/$DAY/$HOST"
>         template("$HOUR:$MIN:$SEC,$PROGRAM,$FACILITY,$PRIORITY,$MSGONLY\n")
>         template-escape(yes)
>         owner(root) group(root) perm(0644)
>         dir_perm(0755) create_dirs(yes));
> };
>
> my logging is done perfectly :)
>
> like /logs/log01/indexlog/2006/05/11/hostnames
>
> I want to have a GUI to view logs with following
> facilities
>
> -search logs on the basis of date/time, text patterns in
> messages, hostnames.
>
> -should provide facility to have filters associated
> with user authentication/authorization.
>
> -should be able to do parallel search to improve
> search response time.
>
> Regards,
> -Manish
>
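
Added example, not part of the original post: a Python model of why the d_mysql destination sets template-escape(yes) when log text is spliced into an INSERT statement that MySQL reads from the pipe. The cut-down template, the escape_macro() model of syslog-ng's escaping and the sample messages are assumptions constructed here.

```python
# Added example (not from the original post): renders a cut-down version of
# the d_mysql template with and without escaping and checks statement shape.
import re

# Cut-down form of the post's template; same quoting style, fewer columns.
TEMPLATE = ("INSERT INTO logs (host, program, msg) "
            "VALUES ( '$HOST', '$PROGRAM', '$MSG' );")

# A string literal as MySQL reads it by default: backslash escapes the next char.
LITERAL = re.compile(r"'(?:[^'\\]|\\.)*'")

def escape_macro(value):
    """Assumed model of template-escape(yes): backslash before ', " and \\."""
    return re.sub(r"""(['"\\])""", r"\\\1", value)

def render(fields, escape):
    """Substitute $MACRO values in one pass, as the pipe() destination would."""
    def sub(m):
        value = fields[m.group(1)]
        return escape_macro(value) if escape else value
    return re.sub(r"\$([A-Z]+)", sub, TEMPLATE)

def shape(stmt):
    """Statement with every complete string literal collapsed to '?'."""
    return LITERAL.sub("?", stmt)

EXPECTED_SHAPE = "INSERT INTO logs (host, program, msg) VALUES ( ?, ?, ? );"

def is_intact(stmt):
    """True when the message stayed inside its own literal."""
    return shape(stmt) == EXPECTED_SHAPE

def stored_msg(stmt):
    """Value MySQL would store for the msg column (last literal, unescaped)."""
    return re.sub(r"\\(.)", r"\1", LITERAL.findall(stmt)[-1][1:-1])

# Constructed sample messages: ordinary log text that happens to contain
# a quote or a trailing backslash.
SAMPLES = [
    {"HOST": "web01", "PROGRAM": "su", "MSG": "auth failure for user 'backup'"},
    {"HOST": "fs02", "PROGRAM": "smbd", "MSG": "cannot open share path D:\\"},
]

if __name__ == "__main__":
    for f in SAMPLES:
        for escape in (False, True):
            stmt = render(f, escape)
            print(f"escape={escape!s:5} intact={is_intact(stmt)!s:5} {stmt}")
```

Backslash escaping only holds while the MySQL session treats backslash as an escape character, which is the default; under the NO_BACKSLASH_ESCAPES SQL mode it does not.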


