[syslog-ng]Simple question, MySQL & Log file
Hamilton, Andrew
syslog-ng@lists.balabit.hu
Fri, 2 May 2003 07:59:53 -0400
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C310A2.579E23E7
Content-Type: text/plain;
charset="iso-8859-1"
Just add an additional log line or additional destination.
log { source(src); destination(dmysql); destination(maillog); };
or
log { source(src); destination(dmysql); };
log { source(src); destination(maillog); };
Regards,
Drew
-----Original Message-----
From: Bas Koot [mailto:bask@tiscali.nl]
Sent: Thursday, May 01, 2003 5:43 PM
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng]Simple question, MySQL & Log file
Hi everybody!
First of all, i like Syslog-NG ! But i have 1 (simple i think) question
about it. For my postfix i need to use the /var/log/maillog file (for the
pop-before-smtp feature) but at this moment everything is putted into the
MySQL database.
Somebody knows how to get the mail data in the database AND into the log
file?
My current config:
# sources
source src { unix-stream("/dev/log"); internal(); };
source kernsrc { file("/proc/kmsg"); };
# destinations
destination dmysql {
pipe("/tmp/mysql.pipe"
template("INSERT INTO logs (host,facility,priority,level,tag,
timestamp,program,msg) VALUES ('$HOST','$FACILITY',
'$PRIORITY','$LEVEL','$TAG','$UNIXTIME','$PROGRAM',
'$MSG');\n")
template-escape(yes));
};
destination maillog { file("/var/log/maillog"); };
# logs
log { source(src); destination(dmysql); };
log { source(kernsrc); destination(dmysql); };
Thanks!
Greetings,
Bas Koot.
------_=_NextPart_001_01C310A2.579E23E7
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1170" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial =
color=3D#0000ff size=3D2>Just=20
add an additional log line or additional destination. =
</FONT></SPAN></DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial =
color=3D#0000ff=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial size=3D2>log { =
source(src);=20
destination(dmysql); <FONT color=3D#0000ff>destination(maillog);</FONT> =
};</FONT></SPAN></DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial=20
size=3D2>or</FONT></SPAN></DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial size=3D2>log { =
source(src);=20
destination(dmysql); };</FONT></SPAN></DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial size=3D2><FONT =
color=3D#0000ff>log { source(src);=20
destination(maillog); };</FONT><BR></FONT></SPAN></DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial=20
size=3D2>Regards,</FONT></SPAN></DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial=20
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D031365611-02052003><FONT face=3DArial =
size=3D2>Drew</FONT></DIV>
<DIV><BR></DIV></SPAN>
<BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
<DIV class=3DOutlookMessageHeader dir=3Dltr align=3Dleft><FONT =
face=3DTahoma=20
size=3D2>-----Original Message-----<BR><B>From:</B> Bas Koot=20
[mailto:bask@tiscali.nl]<BR><B>Sent:</B> Thursday, May 01, 2003 5:43=20
PM<BR><B>To:</B> syslog-ng@lists.balabit.hu<BR><B>Subject:</B>=20
[syslog-ng]Simple question, MySQL & Log file<BR><BR></FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Hi everybody!</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>First of all, i like Syslog-NG ! But =
i have 1=20
(simple i think) question about it. For my postfix i need to use the=20
/var/log/maillog file (for the pop-before-smtp feature) but at this =
moment=20
everything is putted into the MySQL database.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Somebody knows how to get the mail =
data in the=20
database AND into the log file?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>My current config:</FONT></DIV>
<DIV><FONT face=3DArial size=3D2># sources<BR>source src {=20
unix-stream("/dev/log"); internal(); };<BR>source kernsrc {=20
file("/proc/kmsg"); };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2># destinations<BR>destination=20
dmysql =20
{<BR> =20
pipe("/tmp/mysql.pipe"<BR> =20
template("INSERT INTO logs=20
=
(host,facility,priority,level,tag,<BR> &nbs=
p; =20
timestamp,program,msg) VALUES=20
=
('$HOST','$FACILITY',<BR>  =
; =20
=
'$PRIORITY','$LEVEL','$TAG','$UNIXTIME','$PROGRAM',<BR>  =
;  =
; =20
'$MSG');\n")<BR> =20
template-escape(yes));<BR>};</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>destination maillog { =
file("/var/log/maillog");=20
};</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2># logs<BR>log { source(src); =
destination(dmysql);=20
};<BR>log { source(kernsrc); destination(dmysql); };<BR></FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Thanks!</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Greetings,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>Bas =
Koot.</DIV></BLOCKQUOTE></FONT></BODY></HTML>
------_=_NextPart_001_01C310A2.579E23E7--