[syslog-ng]syslog-ng

Michael Earls Michael.Earls@chmcc.org
Wed, 16 Jan 2002 14:18:46 -0500


This is a MIME message. If you are reading this text, you may want to 
consider changing to a mail reader or gateway that understands how to 
properly handle MIME multipart messages.

--=_732E07AD.B6D73BDD
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

I will make things very clear on what i am trying to do with syslog-ng,,
=20
i have 200 routers and i want them to all point to my syslog server,  that =
is why i created a sep file for each router,  how can i get them to log to =
a mysql databse, i have tried just loggin one ip to the databse useing =
sqlsyslogd tables but that did not work,=20
=20

How can I go about getting this to work,??
=20
thanks
=20
michael

>>> nate@campin.net 01/14/02 08:06PM >>>
On Mon, Jan 14, 2002 at 07:48:35PM -0500, Michael Earls wrote:
> sorry if i am missing something but I do not see that there, i see that =
u are logging to a host file, or are using sqlsyslog, i am looking for a =
way to take the statement for syslog-ng then pipe that into a database,=20

Are you saying you only want to insert *certain* messages into the
database? I really don't understand.

I see now that my example syslog-ng.conf doesn't have an example line
for using sqlsyslogd. If that's what you need, here you go:

----
destination sqlsyslogd { program("/usr/local/sbin/sqlsyslogd -u sqlsyslogd =
-t logs sqlsyslogd -p"); };

log { source(src); destination(sqlsyslogd); };
----
"src" in this case is all the incoming messages, there's no filtering of
messages.

You still need to setup your database according to the instructions for
sqlsyslogd. Read the docs that come with it.
--=20
Nate Campi     http://www.campin.net    GnuPG key: 0xC17AEF79  =20

"My computer's sick. I think my modem is a carrier."


_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu=20
https://lists.balabit.hu/mailman/listinfo/syslog-ng=20



--=_732E07AD.B6D73BDD
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Description: HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" http-equiv=3DContent-Type=
>
<META content=3D"MSHTML 5.00.3103.1000" name=3DGENERATOR></HEAD>
<BODY style=3D"FONT: 8pt Tahoma; MARGIN-LEFT: 2px; MARGIN-TOP: 2px">
<DIV><FONT size=3D2>I will make things very clear on what i am trying to =
do with=20
syslog-ng,,</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT size=3D2>i have 200 routers and i want them to all point to my =
syslog=20
server,&nbsp; that is why i created a sep file for each router,&nbsp; how =
can i=20
get them to log to a mysql databse, i have tried just loggin one ip to =
the=20
databse useing sqlsyslogd tables but that did not work, </FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><BR><FONT size=3D3>How can I go about getting this to work,??</FONT></=
DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT size=3D3>thanks</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT size=3D3>michael</FONT><BR><BR>&gt;&gt;&gt; nate@campin.net =
01/14/02=20
08:06PM &gt;&gt;&gt;<BR>On Mon, Jan 14, 2002 at 07:48:35PM -0500, Michael =
Earls=20
wrote:<BR>&gt; sorry if i am missing something but I do not see that =
there, i=20
see that u are logging to a host file, or are using sqlsyslog, i am =
looking for=20
a way to take the statement for syslog-ng then pipe that into a =
database,=20
<BR><BR>Are you saying you only want to insert *certain* messages into=20
the<BR>database? I really don't understand.<BR><BR>I see now that my =
example=20
syslog-ng.conf doesn't have an example line<BR>for using sqlsyslogd. If =
that's=20
what you need, here you go:<BR><BR>----<BR>destination sqlsyslogd {=20
program("/usr/local/sbin/sqlsyslogd -u sqlsyslogd -t logs sqlsyslogd =
-p");=20
};<BR><BR>log { source(src); destination(sqlsyslogd); };<BR>----<BR>"src" =
in=20
this case is all the incoming messages, there's no filtering=20
of<BR>messages.<BR><BR>You still need to setup your database according to =
the=20
instructions for<BR>sqlsyslogd. Read the docs that come with it.<BR>-- =
<BR>Nate=20
Campi&nbsp;&nbsp;&nbsp;&nbsp; <A=20
href=3D"http://www.campin.net&nbsp;&nbsp;&nbsp;/">http://www.campin.net&nbs=
p;&nbsp;&nbsp;</A>=20
GnuPG key: 0xC17AEF79&nbsp;&nbsp; <BR><BR>"My computer's sick. I think my =
modem=20
is a=20
carrier."<BR><BR><BR>_______________________________________________<BR>sys=
log-ng=20
maillist&nbsp; -&nbsp; syslog-ng@lists.balabit.hu<BR><A=20
href=3D"https://lists.balabit.hu/mailman/listinfo/syslog-ng">https://lists.=
balabit.hu/mailman/listinfo/syslog-ng</A><BR></DIV></BODY></HTML>

--=_732E07AD.B6D73BDD--