[syslog-ng] Log analysis software for syslog-ng+mysql?
seth vidal
skvidal at phy.duke.edu
Tue Nov 15 06:15:19 CET 2005
On Tue, 2005-11-15 at 00:12 -0500, Crayola wrote:
> > > I have used swatch, logchecker, and logwatch in the past against
> > > standard OS logs..
> > >
> > > Now I have a centralized syslog system where everything is being
> > > pumped directly into multiple MySQL databases.
> > >
> > > Are there any log analysis tools that can look at syslog data in a
> > > mysql database and send out alerts based on it?
> > >
> >
> > Why not just use swatch or sec and an alternate destination
> > to handle the alerts?
>
> I'd prefer not to send it to two locations.. It's already being pumped
> into a database. I'd rather not pump it to files as well.
>
You don't pump it to files. Pump it to the program sec.
Right now you're using a program to push the log info to the mysql db.
Do the same thing but piping it directly to sec.
-sv
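
The setup suggested in this reply, as an added example that is not part of the original post: one syslog-ng log path feeding both the existing MySQL writer and sec through `program()` destinations, so nothing is written to files. The source, file paths, table layout, credentials file and the sshd rule are assumptions for illustration.

```conf
# ---- syslog-ng.conf (added example; names and paths are assumptions) ----
source s_net { udp(ip(0.0.0.0) port(514)); };

# Assumed existing destination: log lines become INSERT statements on the
# stdin of the mysql client. template_escape(yes) escapes quotes in the
# message so log content cannot break out of the SQL string.
destination d_mysql {
    program("/usr/bin/mysql --defaults-extra-file=/etc/syslog-ng/mysql.cnf syslog"
        template("INSERT INTO logs (host, facility, priority, datetime, msg) VALUES ('$HOST', '$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$MSG');\n")
        template_escape(yes));
};

# Second program destination: the same messages go to sec on stdin.
# "--input=-" tells sec to read its events from standard input.
destination d_sec {
    program("/usr/bin/sec --conf=/etc/sec/alerts.rules --input=-"
        template("$DATE $HOST $MSG\n"));
};

# One log path, two program destinations, no intermediate files.
log { source(s_net); destination(d_mysql); destination(d_sec); };

# ---- /etc/sec/alerts.rules (separate file, read by sec) ----
# Mail one alert per user/address pair, then stay quiet for 5 minutes
# so a burst of failures does not flood the mailbox.
type=SingleWithSuppress
ptype=RegExp
pattern=Failed password for (\S+) from (\S+)
desc=ssh failed login for $1 from $2
action=pipe '%s' /usr/bin/mail -s 'syslog alert' root
window=300
```

Both child processes run with the privileges of syslog-ng, so the rules file and the MySQL credentials file should be writable only by that account.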