[syslog-ng] DB probs

Edward Brookhouse ebroo at healthydirections.com
Tue Jul 5 17:08:48 CEST 2005


Hi all -

 

I am upgrading from the syslog-ng 1.7 branch on one machine to another
server using the 1.9.4 branch. 

 

Using this on the new server I am building, I can not get any data to
write to a mysql database. Using  mysql 4.1.11-2 and Syslogng 1.9.4 on
RH Fedora Core 4 kernel 2.6.12-1

 

Using the syslog-ng config file and database setup from the older server
that is still running does not work.

 

So - I tried switching from using a mysql pipe file to using sqlsyslogd
- same results -

 

Log data flows in, gets written to a log file, but never gets inserted
into the db -

 

The db structure looks ok - the sqlsyslogd is running well - not much in
the way of being able to debug that but ....gonna try to pass it through
a debugger

 

Here is the relevant portion of my conf 

 

 

destination sqlsyslogd {

        program("/usr/local/sbin/sqlsyslogd -h localhost -u root -t logs
syslog -p");

};

 

 

With the password specified in sqlsyslogd.conf  (this is one word on a
line by itself - is that right???)

 

 

 

 

When a log entry comes in I do see an error about writing to FD 7 

 

 

[root at io etc]# syslog-ng -F -e -v -d -f /etc/syslog-ng/syslog-ng.conf

Starting destination program; cmdline='/usr/local/bin/syslog-mail'

Starting destination program; cmdline='/usr/local/sbin/sqlsyslogd -h
localhost -u root -t logs syslog -p'

Starting destination program; cmdline='/usr/local/bin/syslog-mail-perl'

syslog-ng starting up; version='1.9.4'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

 

 

 

Syslog connection accepted; to='AF_UNIX(/dev/log)',
from='AF_UNIX(\xff\xff\xff\xff\x19)'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

Incoming log entry; line='<86>Jul  5 11:05:01 sshd[6703]: Accepted
password for ebroo from ::ffff:172.17.17.193 port 33316 ssh2'

Initializing destination file writer; filename='/var/log/syslog',
template='/var/log/syslog'

Initializing destination file writer;
filename='/var/log/HOSTS/io/2005/07/05/05',
template='/var/log/HOSTS/$HOST/$YEAR/$MONTH/$DAY/$FACILITY_$HOST_$YEAR_$
MONTH_$DAY'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

EOF occurred while reading; fd='7'

Closing log reader fd; fd='7'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

Syslog connection accepted; to='AF_UNIX(/dev/log)', from='AF_UNIX(-)'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

Incoming log entry; line='<38>Jul  5 11:05:01 sshd(pam_unix)[6705]:
session opened for user ebroo by (uid=0)'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

EOF occurred while reading; fd='7'

Closing log reader fd; fd='7'

log_reader_fd_prepare(); window_size='100'

log_reader_fd_prepare(); window_size='100'

 

 

 

 

 

Any thoughts appreciated!!!!!!!!!!!!

 

Edward

ebroo at healthydirections.com



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20050705/92381099/attachment.htm


More information about the syslog-ng mailing list