Hi, Can I configure the syslog-ng, so that, it writes only line by line. Now few lines at the same time. I mean, I wanna, write one line, and then another, not as a a bunch of lines. What I actually need to do, is reading one line, process it and do some things, and then listen to next line and so on. I highly appreciate if you can provide me information, on how to do this. Thanks Diluka.
On Tue, 2007-08-14 at 11:14 +0530, Diluka Moratuwage wrote:
Hi,
Can I configure the syslog-ng, so that, it writes only line by line. Now few lines at the same time. I mean, I wanna, write one line, and then another, not as a a bunch of lines.
Writing a bunch of lines shouldn't matter. Think of the time delta between writing a bunch of lines as being close to zero. They are still separate lines.
What I actually need to do, is reading one line, process it and do some things, and then listen to next line and so on.
Write to a process that reads from stdin. As an example, we process VPN syslog's from our Cisco VPN concentrator: destination dp_process_vpn { program("/usr/local/sbin/process_vpn_syslog" template("$YEAR/$MONTH/$DAY $HOUR:$MIN:$SEC $MSG\n") template_escape(no) ); }; filter f_vpn { # IP Address of the VPN box netmask("10.1.1.1/255.255.255.255"); }; source s_remote { udp(); }; # do the processing for vpn stuff log { source(s_remote); filter(f_vpn); destination(dp_process_vpn); }; # samle source code for /usr/local/sbin/process_vpn_syslog #!/usr/bin/perl use strict; while (<>) { chomp; # do stuff here } -- Matt Zagrabelny - mzagrabe@d.umn.edu - (218) 726 8844 University of Minnesota Duluth Information Technology Systems & Services PGP key 1024D/84E22DA2 2005-11-07 Fingerprint: 78F9 18B3 EF58 56F5 FC85 C5CA 53E7 887F 84E2 2DA2 He is not a fool who gives up what he cannot keep to gain what he cannot lose. -Jim Elliot
Hi Matt, Thanks a lot for your reply. I got it solved using the help of Balazs. Thanks, Diluka. Matt Zagrabelny wrote:
On Tue, 2007-08-14 at 11:14 +0530, Diluka Moratuwage wrote:
Hi,
Can I configure the syslog-ng, so that, it writes only line by line. Now few lines at the same time. I mean, I wanna, write one line, and then another, not as a a bunch of lines.
Writing a bunch of lines shouldn't matter. Think of the time delta between writing a bunch of lines as being close to zero. They are still separate lines.
What I actually need to do, is reading one line, process it and do some things, and then listen to next line and so on.
Write to a process that reads from stdin. As an example, we process VPN syslog's from our Cisco VPN concentrator:
destination dp_process_vpn { program("/usr/local/sbin/process_vpn_syslog" template("$YEAR/$MONTH/$DAY $HOUR:$MIN:$SEC $MSG\n") template_escape(no) ); };
filter f_vpn { # IP Address of the VPN box netmask("10.1.1.1/255.255.255.255"); };
source s_remote { udp(); };
# do the processing for vpn stuff log { source(s_remote); filter(f_vpn); destination(dp_process_vpn); };
# samle source code for /usr/local/sbin/process_vpn_syslog
#!/usr/bin/perl
use strict;
while (<>) { chomp; # do stuff here }
------------------------------------------------------------------------
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
participants (2)
-
Diluka Moratuwage
-
Matt Zagrabelny