<div dir="ltr">Hi,<div><br></div><div>which syslog-ng do you use and which mongodb?</div><div><br></div><div>Previous syslog-ng versions supports only the 2.x mongodb series, 3.2.x series is supported only by the syslog-ng upstream (version 3.8).</div><div>We moved to the official mongo-c library and -temporary- broke the configuration (we have a PR[1] that will support the previous config format - we will merge this soon). Until we won't merge the patch, you can use the new config options. </div><div><br></div><div>So if you want to use the 3.2.x mongodb, you have to compile syslog-ng from source.</div><div><br></div><div>Small tutorial:</div><div>1. docker: install mongodb 3.2.5<br></div><div><div><br></div><div><a href="https://docs.mongodb.org/master/tutorial/install-mongodb-on-ubuntu/?_ga=1.190134827.1652922526.1461162613">https://docs.mongodb.org/master/tutorial/install-mongodb-on-ubuntu/?_ga=1.190134827.1652922526.1461162613</a></div><div><br></div><div><br></div><div>2. start mongodb</div><div><br></div><div>root@a3e9571e39eb:/# mongod --bind_ip 172.17.0.2</div><div><br></div><div><br></div><div>3. build & configure</div><div><br></div><div>git clone <a href="https://github.com/balabit/syslog-ng">https://github.com/balabit/syslog-ng</a></div><div>cd syslog-ng</div><div>./autogen.sh</div><div>cd ..</div><div>mkdir build</div><div>cd build</div><div>../syslog-ng/configure --prefix /opt/syslog-ng.upstream</div><div>make </div><div>make install</div><div><br></div><div>[if you need help on howto compile syslog-ng, we can help]</div><div><br></div><div>/opt/syslog-ng.upstream/etc/syslog-ng.conf:</div><div>@version: 3.8</div><div>@include "scl.conf"</div><div><br></div><div><br></div><div>source s_network {</div><div> network(port(5555));</div><div>};</div><div><br></div><div>destination d_mongo {</div><div> mongodb (</div><div> uri('mongodb://<a href="http://172.17.0.2:27017/syslog-ng">172.17.0.2:27017/syslog-ng</a>')</div><div> collection('test')</div><div> value-pairs(</div><div> scope("selected-macros" "nv-pairs" "sdata")</div><div> )</div><div> );</div><div>};</div><div><br></div><div>log {</div><div> source(s_network);</div><div> destination(d_mongo);</div><div> flags(flow-control);</div><div>};</div><div><br></div><div>4. send logs</div><div><br></div><div>stentor@T440s:~$ logger -s MSG:$RANDOM 2>&1 | nc localhost 5555</div><div><br></div><div>5. query the results</div><div>root@a3e9571e39eb:/# mongo <a href="http://172.17.0.2/syslog-ng">172.17.0.2/syslog-ng</a></div><div><br></div><div>MongoDB shell version: 3.2.5</div><div>connecting to: <a href="http://172.17.0.2/syslog-ng">172.17.0.2/syslog-ng</a></div><div>> db.test.find({'PROGRAM':'stentor'})</div><div>{ "_id" : ObjectId("57179ae358d80574d81440e1"), "TAGS" :</div><div>> ".source.s_network", "SOURCEIP" : "127.0.0.1", "SOURCE" : "s_network",</div><div>> "SEQNUM" : "1", "PROGRAM" : "stentor", "PRIORITY" : "notice", "MESSAGE" :</div><div>> "MSG:4854", "LEGACY_MSGHDR" : "stentor: ", "HOST_FROM" : "localhost",</div><div>> "HOST" : "localhost", "FACILITY" : "user", "DATE" : "Apr 20 17:06:11" }</div><div>{ "_id" : ObjectId("57179ae858d80574d81440e2"), "TAGS" :</div><div>> ".source.s_network", "SOURCEIP" : "127.0.0.1", "SOURCE" : "s_network",</div><div>> "SEQNUM" : "2", "PROGRAM" : "stentor", "PRIORITY" : "notice", "MESSAGE" :</div><div>> "MSG:31751", "LEGACY_MSGHDR" : "stentor: ", "HOST_FROM" : "localhost",</div><div>> "HOST" : "localhost", "FACILITY" : "user", "DATE" : "Apr 20 17:06:16" }</div><div>{ "_id" : ObjectId("57179b1958d80574ff238bf1"), "TAGS" :</div><div>> ".source.s_network", "SOURCEIP" : "127.0.0.1", "SOURCE" : "s_network",</div><div>> "SEQNUM" : "1", "PROGRAM" : "stentor", "PRIORITY" : "notice", "MESSAGE" :</div><div>> "MSG:13698", "LEGACY_MSGHDR" : "stentor: ", "HOST_FROM" : "localhost",</div><div>> "HOST" : "localhost", "FACILITY" : "user", "DATE" : "Apr 20 17:07:05" }</div><div>> </div></div><div><br></div><div>[1] <a href="https://github.com/balabit/syslog-ng/pull/981">https://github.com/balabit/syslog-ng/pull/981</a></div><div><br></div><div><br></div><div>regards,</div><div>Laszlo Budai</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 20, 2016 at 1:29 PM, Ivan Adji - Krstev <span dir="ltr"><<a href="mailto:akivanradix@gmail.com" target="_blank">akivanradix@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<font face="Helvetica, Arial, sans-serif">Hi all, <br>
I'm trying to change the DB from InooDB to MongoDB, and i have
install the MongoDB but i can't configure/create the database and
tables on it. Can some one provide with simple tutorial or the
best way to create and configure the MongoDB database and tables
so that can be used by syslog-ng ?<br>
<br>
Kind regards<span class="HOEnZb"><font color="#888888"><br>
Ivan<br>
</font></span></font>
</div>
<br>______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
<br></blockquote></div><br></div>