Hi all!

 

As I have now added hardware to report into a central syslog but I have to uses a relay. (Another SYSLOG-NG)

Now  I get messages containing

 

Host: IP/Name of the relay

Facility, Priority, Level, tag, date, time and program is just all info from the relay.

 

In the msg I have all the data as the original host, time, msg. etc.

 

Is there any way to “grep/sed/awk” the data out of the msg field and sort them into the right columns?

 

Is there an example for such a filter?

 

Any help is appreciated.

 

Regards,

 

Michael

 

 

 

-----Original Message-----
From: Hamilton, Andrew [mailto:Andrew.Hamilton@afccc.af.mil]
Sent: Freitag, 2. Mai 2003 14:00
To: syslog-ng@lists.balabit.hu
Subject: RE: [syslog-ng]Simple question, MySQL & Log file

 

-----Original Message-----
From: Bas Koot [mailto:bask@tiscali.nl]
Sent: Thursday, May 01, 2003 5:43 PM
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng]Simple question, MySQL & Log file

Hi everybody!

 

First of all, i like Syslog-NG ! But i have 1 (simple i think) question about it. For my postfix i need to use the /var/log/maillog file (for the pop-before-smtp feature) but at this moment everything is putted into the MySQL database.

 

Somebody knows how to get the mail data in the database AND into the log file?

 

My current config:

# sources
source src { unix-stream("/dev/log"); internal(); };
source kernsrc { file("/proc/kmsg"); };

 

# destinations
destination dmysql      {
        pipe("/tmp/mysql.pipe"
        template("INSERT INTO logs (host,facility,priority,level,tag,
                  timestamp,program,msg) VALUES ('$HOST','$FACILITY',
                  '$PRIORITY','$LEVEL','$TAG','$UNIXTIME','$PROGRAM',
                  '$MSG');\n")
        template-escape(yes));
};

 

destination maillog { file("/var/log/maillog"); };

 

# logs
log { source(src); destination(dmysql); };
log { source(kernsrc); destination(dmysql); };

 

Thanks!

 

Greetings,

Bas Koot.