If you really want there is some work on a system that takes syslog on stdin and feeds into a modified snort IDS - thus you can have stateful inspection of content and all sorts of filtering.. look at sourceforge for snortadapter Bret Balazs Scheidler <bazsi@balabit.hu> 03/04/2002 05:55 Sent by: syslog-ng-admin@lists.balabit.hu Please respond to syslog-ng To: syslog-ng@lists.balabit.hu cc: (bcc: WATSON Bret/IT/CHRT/ST Group) Subject: Re: [syslog-ng]syslog-ng On Wed, Apr 03, 2002 at 03:38:03AM -0500, Michael Earls wrote:
Will syslog-ng ever be native to log to mysql or any other type of external database?
I don't understand what the problems with using an external program for such purpose are. Simply write a 10 line long perl script where you can even preprocess messages before they go to the database, and feed this script with a pipe/program destination. Adding support for pgsql/mysql/sybase/whatever into syslog-ng is bloat in my opinion. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng [This e-mail is confidential and may also be privileged. If you are not the intended recipient, please delete it and notify us immediately; you should not copy or use it for any purpose, nor disclose its contents to any other person. Thank you.]