[syslog-ng]STILL MANGLED MESSAGES! Please Help!
harald schmidt
harald12schmidt@gmx.de
Thu, 10 Oct 2002 17:30:48 +0200 (MEST)
Hi,
Syslog-ng 1.5.21 still produces mangled messages into pipes! This happens
ca. 10 times a day.
Here an example what syslog-ng writes in the pipe:
INSERT INTO all_messages_200210 (host, facility, priority, tag, date,
time, program, msg) VALUES ( 'clc', 'daemon', 'debug', '1f',
'2002-10-10', '11:24:56', 'nrpe', 'nrpe[15656]: Host is asking for command
\'check_total_procs\' to be rINSERT INTO all_messages_200210 (host, facility,
priority, tag, date,
time, program, msg) VALUES ( 'clc', 'daemon', 'debug', '1f',
'2002-10-10', '11:24:57', 'nrpe', 'nrpe[15656]: Return Code: 0, Output: OK -
67 processes running' );
the 3rd line should look like this:
'2002-10-10', '11:24:56', 'nrpe', 'nrpe[15656]: Host is asking for command
\'check_total_procs\' to be run...' );
But syslog-ng doesn't finish that line.
Here another example:
INSERT INTO all_messages_200210 (host, facility, priority, tag, date,
time, program, msg) VALUES ( 'clc', 'daemon', 'debug', '1f',
'2002-10-10', '01:26:52', 'nrpe', 'nrpe[15INSERT INTO all_messages_200210
(host, facility, priority, tag, date,
time, program, msg) VALUES ( 'clc', 'daemon', 'debug', '1f',
'2002-10-10', '01:26:52', 'nrpe', 'nrpe[15387]: Return Code: 1, Output: 2
users currently logged in' );
Here is my syslog-ng.conf:
#
# Syslog-ng example configuration for for Debian GNU/Linux
#
# Copyright (c) 1999 anonymous
# Copyright (c) 1999 Balazs Scheidler
# $Id: syslog-ng.conf.sample,v 1.2 1999/11/15 12:30:41 bazsi Exp $
#
# Syslog-ng configuration file, compatible with default Debian syslogd
# installation.
#
# 1.options
options { long_hostnames(off); use_fqdn(yes); sync(0); log_fifo_size (500);
gc_busy_threshold(768); use_time_recvd(1); };
# 2.sources
source s_kernel { pipe("/proc/kmsg"); internal(); };
source s_stream { unix-stream("/dev/log"); internal(); };
source sn_udp { udp(); };
# 3.destinations
destination df_all_messages {
file("/var/log/all_messages-$YEAR$MONTH$DAY"); };
destination dq_mysql_all_messages {
pipe("/var/pipes/mysql.fifo"
template("INSERT INTO all_messages_$YEAR$MONTH (host, facility, priority,
tag, date,
time, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$TAG',
'$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
template-escape(yes));
};
# 4.Log
log { source(s_stream); source(s_kernel); source(sn_udp);
destination(df_all_messages); };
log { source(s_stream); source(s_kernel); source(sn_udp);
destination(dq_mysql_all_messages); };
And here the Script that reads from the pipe (I'm starting a new database
every month):
#!/bin/sh
datum=$(date +%Y%m)
if [ -e /var/pipes/mysql.fifo ]; then
while [ -e /var/pipes/mysql.fifo ]
do
/usr/local/mysql/bin/mysql -vvT syslog_$datum < /var/pipes/mysql.fifo
done
else
mkfifo /var/pipes/mysql.fifo
fi
My system:
# uname -a
Linux clc 2.4.10-4GB #1 Tue Sep 25 12:33:54 GMT 2001 i686 unknown
Could anyone PLEASE help me?
thanks Harald
--
Holen Sie sich den Turbo fürs Internet: T-DSL!
http://bonus.gmx.net/?gid=46842444&prid=11