[syslog-ng]Old Syslog Data

Michael Boman syslog-ng@lists.balabit.hu
Tue, 23 Dec 2003 09:44:09 +0800


--=-Dg0yo26yfJJMzZR5IZGr
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Tue, 2003-12-23 at 03:45, Asif Iqbal wrote:
> Hi All
>=20
> I am using syslog-ng which pipes the log to mysql database in this format
>=20
> host, facility, priority, level, tag, date, time, program, msg
>=20
> I installed the php plugin and now I can browse through the web real fast=
.
>=20
> Is there a way I can push all the previous logs in the database in the sa=
me
> format ? That way users can also look at the previous datam
>=20
> Thanks

Were you running syslogd or syslog-ng (and log to a file) before? By
default neither of these formats contain facility and priority settings,
but apart from that there shouldn't be any problems importing the old
logs into a database with some perl scripting.

For speed reasons I would cut up the message with a unique delimeter and
use mysqlimport instead of hundreds if not thousands of INSERT commands,
but of course the later also works.

Best regards
 Michael Boman

--=20
Michael Boman
Security Architect, SecureCiRT Pte Ltd
http://www.securecirt.com

--=-Dg0yo26yfJJMzZR5IZGr
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQA/553pds5fQJiraJwRApNlAJ0V/WKYRiRvUB1e4f4HwPk+aSdSjACg2alk
suYv8wNgLcVyFCAL2Pxl/Kw=
=gTIY
-----END PGP SIGNATURE-----

--=-Dg0yo26yfJJMzZR5IZGr--