[syslog-ng] Writing line by line
Diluka Moratuwage
diluka at wso2.com
Tue Aug 14 14:50:41 CEST 2007
Hi Matt,
Thanks a lot for your reply. I got it solved using the help of Balazs.
Thanks,
Diluka.
Matt Zagrabelny wrote:
> On Tue, 2007-08-14 at 11:14 +0530, Diluka Moratuwage wrote:
>
>> Hi,
>>
>> Can I configure the syslog-ng, so that, it writes only line by line.
>> Now few lines at the same time.
>> I mean, I wanna, write one line, and then another, not as a a bunch of
>> lines.
>>
>
> Writing a bunch of lines shouldn't matter. Think of the time delta
> between writing a bunch of lines as being close to zero. They are still
> separate lines.
>
>
>> What I actually need to
>> do, is reading one line, process it and do some things, and then listen
>> to next line and so on.
>>
>
> Write to a process that reads from stdin. As an example, we process VPN
> syslog's from our Cisco VPN concentrator:
>
>
> destination dp_process_vpn {
> program("/usr/local/sbin/process_vpn_syslog"
> template("$YEAR/$MONTH/$DAY $HOUR:$MIN:$SEC $MSG\n")
> template_escape(no)
> );
> };
>
> filter f_vpn {
> # IP Address of the VPN box
> netmask("10.1.1.1/255.255.255.255");
> };
>
> source s_remote {
> udp();
> };
>
> # do the processing for vpn stuff
> log {
> source(s_remote);
> filter(f_vpn);
> destination(dp_process_vpn);
> };
>
>
> # samle source code for /usr/local/sbin/process_vpn_syslog
>
> #!/usr/bin/perl
>
> use strict;
>
> while (<>) {
> chomp;
> # do stuff here
> }
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
More information about the syslog-ng
mailing list