Thanks for the info. Do you know where I could find a list of tables, specific to syslog-ng, to populate the database with? I haven't created the db yet, mainly because I'm not sure what tables are available for syslog info to populate From: Clayton Dukes [mailto:cdukes@gmail.com] Sent: Wednesday, August 15, 2012 4:40 PM To: James McDonald Cc: Syslog-ng users' and developers' mailing list Subject: Re: [syslog-ng] syslog-ng with MySQL Just send from all your remote syslog-ng boxes to a local syslog-ng receiver. Then just use that local syslog-ng to send to mysql. Here's an example of client and server configs in the LogZilla forums: http://forum.logzilla.pro/index.php/topic,482.msg2468.html#msg2468 But basically, you just configure a destination in the client pointing to the syslog-ng server. (I recommend using tcp) then, in the server, set the destination as mysql. ______________________________________________________________ Clayton Dukes ______________________________________________________________ On Wed, Aug 15, 2012 at 12:24 PM, James McDonald <jmcdonald@lce.com> wrote: Do you have syslog-NG sending logs to a separate MySQL server, or do you have MySQL installed on the same server as syslog-NG? Since we have multiple syslog-NG servers, we were trying to centralize everything on a MySQL server and then make that db searchable. I was hoping to get some direction on how to have everything sent to the MySQL db server. That's my first hurdle From: Clayton Dukes [mailto:cdukes@gmail.com] Sent: Wednesday, August 15, 2012 12:17 PM To: James McDonald Cc: Syslog-ng users' and developers' mailing list Subject: Re: [syslog-ng] syslog-ng with MySQL It works fine on Redhat, but the Redhat Repo's have old versions of MySQL and PHP so you need to manually download the binaries from MySQL and Zend. ______________________________________________________________ Clayton Dukes ______________________________________________________________ On Wed, Aug 15, 2012 at 12:12 PM, James McDonald <jmcdonald@lce.com> wrote: We are using Red Hat for all of our Linux boxes. We update them monthly, but Red Hat was listed as a liability on the Logzilla website. Are you using Red Hat or Ubuntu? From: syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu] On Behalf Of Clayton Dukes Sent: Wednesday, August 15, 2012 11:35 AM To: Syslog-ng users' and developers' mailing list Subject: Re: [syslog-ng] syslog-ng with MySQL You can also try LogZilla (http://www.logzilla.pro). ______________________________________________________________ Clayton Dukes ______________________________________________________________ On Wed, Aug 15, 2012 at 11:26 AM, James McDonald <jmcdonald@lce.com> wrote: I read through the comments and it seems people are having problems with the install and/or getting queries to run. I currently have syslog-NG version 4.1 and MySQL version 5.5.25. Will the installer error out, since it's based on older versions of those two programs? From: syslog-ng-bounces@lists.balabit.hu [mailto:syslog-ng-bounces@lists.balabit.hu] On Behalf Of Erol Blakely Sent: Wednesday, August 15, 2012 10:53 AM To: Syslog-ng users' and developers' mailing list Subject: Re: [syslog-ng] syslog-ng with MySQL We are trying this out and so far it has been working nicely: http://code.google.com/p/enterprise-log-search-and-archive/ On 2012-08-15, at 10:47 AM, James McDonald wrote: Trying to incorporate a MySQL db (on a separate server) with my two syslog-ng servers, so that the logs can be searchable. Does anyone have any experience with this? Any tips or documentation would be helpful. I didn't find a whole lot on the Balabit website when I searched for it. ____________________________________________________________________________ __ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq -- Erol Blakely - erol@easydns.com Systems Administrator easyDNS Technologies Inc. ____________________________________________________________________________ __ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq