Michael Earls Michael.Earls@chmcc.org
Mon, 14 Jan 2002 21:19:18 -0500

so u are saying that i can write something like this

## tking switch
destination {program("/usr/bin/mysql -u sysloguser -t logs -p")};
filter f_192.168.3.254 { host(; };
log { source(net); filter(f_192.168.3.254); destination(; };

the databse is logs and the table is, am i correct, 



>>> Nate Campi <nate@campin.net> 01/14/02 20:07 PM >>>
On Mon, Jan 14, 2002 at 07:48:35PM -0500, Michael Earls wrote:
> sorry if i am missing something but I do not see that there, i see that u are logging to a host file, or are using sqlsyslog, i am looking for a way to take the statement for syslog-ng then pipe that into a database, 

Are you saying you only want to insert *certain* messages into the
database? I really don't understand.

I see now that my example syslog-ng.conf doesn't have an example line
for using sqlsyslogd. If that's what you need, here you go:

destination sqlsyslogd { program("/usr/local/sbin/sqlsyslogd -u sqlsyslogd -t logs sqlsyslogd -p"); };

log { source(src); destination(sqlsyslogd); };
"src" in this case is all the incoming messages, there's no filtering of

You still need to setup your database according to the instructions for
sqlsyslogd. Read the docs that come with it.
Nate Campi     http://www.campin.net    GnuPG key: 0xC17AEF79   

"My computer's sick. I think my modem is a carrier."