[syslog-ng] logging messages from Netscreen to syslog-ng - need to pipe to MySQL db now
Brandon Rodak
syslog-ng@lists.balabit.hu
Mon, 26 Jul 2004 15:18:43 -0600
This might be a basic question but I am missing something. I believe I
am successfully sending the Netscreen firewall messages to a remote
syslog server (running syslog-ng) as I have them stored in an
appropriate log file. What I want to do now is pipe this file to a MySQL
database so that I can retrieve the data later for analysis and to post
to a web interface. I have even tried the simple syslog-ng.conf
example below (unrelated to my Netscreen logs) in an attempt to pipe data.

destination database {
    pipe("/tmp/mysql.pipe"
         template("INSERT INTO logs (host, facility, priority, level, tag, date, time, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY','$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY','$HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
         template-escape(yes));
};

Nothing ever appears in the mysql.pipe file.
Also I need advice on what fields I should be extrapolating out of the
log for use in the Database; I realize the fields above are not the ones
I would need from my Netscreen log but any information or leads on how
to use the Netscreen logs correctly with a database would be awesome.
Thanks for any and all help! It is greatly appreciated!
Brandon
--
Brandon Rodak
Web Services
Computer Marketing Corporation
http://www.cmcflex.com
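
Added example (not part of the original post and not syslog-ng project code): a consumer for the pipe destination that inserts rows with a parameterized query, so firewall log text is never executed as SQL. It assumes the template is changed to emit the same nine fields separated by tabs, and uses sqlite3 as a stand-in for MySQL so it runs offline; open_db, load_lines, demo and the sample lines are constructed for illustration.

```python
import io
import sqlite3

# Column order matches the fields named in the template from the post.
FIELDS = ("host", "facility", "priority", "level", "tag",
          "date", "time", "program", "msg")

# Constructed sample input: two well-formed lines and one malformed line.
SAMPLE = (
    "fw1\tlocal0\tnotice\tnotice\t85\t2004-07-26\t15:18:43\tns5gt\t"
    "action=Permit src=10.0.0.5 dst=192.0.2.10\n"
    "fw1\tlocal0\tnotice\tnotice\t85\t2004-07-26\t15:18:44\tns5gt\t"
    "user='x'); DROP TABLE logs; --\n"
    "truncated line\n"
)

def open_db(path=":memory:"):
    """Create the logs table (sqlite3 stands in for MySQL here)."""
    db = sqlite3.connect(path)
    cols = ", ".join(f"{name} TEXT" for name in FIELDS)
    db.execute(f"CREATE TABLE IF NOT EXISTS logs ({cols})")
    return db

def load_lines(stream, db):
    """Insert one row per tab-separated line; return (inserted, rejected)."""
    marks = ", ".join(["?"] * len(FIELDS))
    sql = f"INSERT INTO logs ({', '.join(FIELDS)}) VALUES ({marks})"
    inserted = rejected = 0
    for line in stream:
        # msg is the last field, so tabs inside the message stay part of it.
        parts = line.rstrip("\n").split("\t", len(FIELDS) - 1)
        if len(parts) != len(FIELDS):
            rejected += 1  # wrong field count: skip rather than guess
            continue
        db.execute(sql, parts)  # values are bound, never spliced into SQL
        inserted += 1
    db.commit()
    return inserted, rejected

def demo():
    """Load the constructed sample and return the counts and stored messages."""
    db = open_db()
    counts = load_lines(io.StringIO(SAMPLE), db)
    return counts, db.execute("SELECT msg FROM logs ORDER BY time").fetchall()

if __name__ == "__main__":
    print(demo())
```

In use, the stream would be open("/tmp/mysql.pipe") instead of the sample; a named pipe stores nothing on disk and only carries data while a reader has it open.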