[syslog-ng] Syslog file to Mysql
Jon Stearley
jrstear at sandia.gov
Tue Apr 25 19:21:24 CEST 2006
On Apr 25, 2006, at 10:48 AM, Nick wrote:
> I did not describe my situation very well, but your solution will help
> with other needs. I have multiple boxes where I can not directly
> syslog to the central server. What I do is, scp the files back to the
> central log server. From here I would like to uncompress them and
> then import the files into the database.
you might try saving to files on remote hosts as
template("<$TAG> $DATE $HOST $MSG")
compress/scp/uncompress as needed, then on your central syslog
collector:
setup a fifo
mkfifo /var/log/log_fifo
configure syslog-ng to watch that fifo:
source s_fifo {pipe("/var/log/log_fifo");};
and insert messages to your db
log{source(s_fifo); destination(d_mysql); flags(flow-control); };
where d_mysql is your save-to-database destination. flow-control
requires 1.9.x.
then periodically `cat collected_files > /var/log/log_fifo`
not sure the best place to deal with YEAR, but maybe by modifying
above template() or in d_mysql.
--
+--------------------------------------------------------------+
| Jon Stearley (505) 845-7571 (FAX 844-9297) |
| Sandia National Laboratories Scalable Systems Integration |
+--------------------------------------------------------------+
More information about the syslog-ng
mailing list