[syslog-ng] Writing line by line

[Matt Zagrabelny]

On Tue, 2007-08-14 at 11:14 +0530, Diluka Moratuwage wrote:
> Hi,
> 
>     Can I configure the syslog-ng, so that, it writes only line by line. 
> Now few lines at the same time.
> I mean, I wanna, write one line, and then another, not as a a bunch of 
> lines.

Writing a bunch of lines shouldn't matter. Think of the time delta
between writing a bunch of lines as being close to zero. They are still
separate lines.

> What I actually need to
> do, is reading one line, process it and do some things, and then listen 
> to next line and so on.

Write to a process that reads from stdin. As an example, we process VPN
syslog's from our Cisco VPN concentrator:


destination dp_process_vpn {
        program("/usr/local/sbin/process_vpn_syslog"
                template("$YEAR/$MONTH/$DAY $HOUR:$MIN:$SEC $MSG\n")
                template_escape(no)
        );
};

filter f_vpn {
        # IP Address of the VPN box
        netmask("10.1.1.1/255.255.255.255");
};

source s_remote {
        udp();
};

# do the processing for vpn stuff
log {
                source(s_remote);
                filter(f_vpn);
                destination(dp_process_vpn);
};


# samle source code for /usr/local/sbin/process_vpn_syslog

#!/usr/bin/perl

use strict;

while (<>) {
  chomp;
  # do stuff here
}

-- 
Matt Zagrabelny - mzagrabe at d.umn.edu - (218) 726 8844
University of Minnesota Duluth
Information Technology Systems & Services
PGP key 1024D/84E22DA2 2005-11-07
Fingerprint: 78F9 18B3 EF58 56F5 FC85  C5CA 53E7 887F 84E2 2DA2

He is not a fool who gives up what he cannot keep to gain what he cannot
lose.
-Jim Elliot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20070814/66bd912c/attachment.pgp