On Thu, Jun 17, 1999 at 11:35:53AM -0400, Forrest Aldrich wrote:

Okay, perhaps I don't understand. Syslog takes a number of attributes and logs them into a file /var/log/syslog (or whatever you define). Those attributes could be translated into a schema/table and inserted into the database each time. Then, those same fields can be keyed or indexed, searched against... reports run. I would think that would be very useful.

The alternative is to hack shell and perl scripts together to pull out that data... or by viewing them manually, which involves sore eyes and headaches.

The problem with exactly this "translation into a schema/table". log messages are quite different, and it is very difficult to write a general parser, which extracts information from log messages. I do not want to put this difficulty to syslog-ng itself, however it is possible to write this functionality to an external program or perl script. -- Bazsi