I've not used rsyslog myself, but it seems a lot closer to the old syslog than syslog-ng which is quite different and very flexible. Rsyslog seems to do most of the things that syslog-ng does so I guess it might be down to which you personally prefer. Syslog-ng seems more prevalent, and although rsyslog seems to have built in mysql support, whereas syslog-ng uses a tiny glue shell script, the syslog-ng way works well enough too. I run my central logserver this way and it is reliable. Neither of these things really support web interfaces to my knowledge. My web interface is an interface to mysql, nothing to do with syslog-ng.... -h Hari Sekhon Tiger Peng wrote:
Hi, Hari: Thanks a lot, since I also consider to dump the syslog-ng log to database (MySQL or Oracle), do you think it is better to choose the syslog-ng, or rsyslog, it looks like the syslog-ng has better web interface supporting, but rsyslog has the better built in MySQL database support. Definitely, I will take your advice to read through all the syslog-ng documents and FAQ. Thanks again.
David
= = = Original message = = =
?
You don't use syslog-ng in this way. For what you want to do you should make your application output the information you want to the standard syslog and use syslog-ng as your logger. Then use filters to extract the messages you want the launch an external program to email them off to you or something. That is what I did. A few lines of code, some regex filtering with syslog-ng definitions is all it takes.
Now you have all the pointers, you can read the docs on filtering, program(), etc. Although it sounds like you don't have a good grasp of the whole logging thing yet so my advice is to read all the syslog-ng docs and faq. They are worth the read.
-h
Hari Sekhon
Tiger Peng wrote:
I have two questions about how to use the syslog-ng to monitor just couple of processes. In my case, I try to use some kind of utility to just monitor 4 to 8 different processes, some of them are system resource, but some of them are new developed processes. Here are my questions.
1. can I start a seperate syslog-ng, I mean if I can keep syslogd running, but start another syslog-ng process to dedicate the service for my special purpose.
2. I guess syslog-ng has some kind of filter which can filter the information, but how can I expand it ability to receive some specific information or more field, such as message ID. Is this configurable, or I must modify the source to support it.
Thanks.
David
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
___________________________________________________________ Sent by ePrompter, the premier email notification software. Free download at http://www.ePrompter.com.