[syslog-ng] problem in writing to database
gatfi sami
pfegatfi.sami at gmail.com
Sat Apr 4 01:32:53 CEST 2009
hi
i am configuring a centralised syslog server and when i arrived to the
writing into the database there is some thing wrong
because when i use a file as destination i see incoming logs when i restart
apache2 or mysql in the client
"tail - f /"
i use syslog -ng 2.0
here is the client
*source my_src{
file("/var/log/apache2/error_log" follow_freq(1) );
file("/var/lib/mysql/mysqld.log" follow_freq(1) );
};
destination loghost {
tcp("192.168.1.69" port(514));
};
log {
source(my_src);
destination(loghost);
};*
here is the server
* source mysrc{ tcp(ip(0.0.0.0) port(514) keep-alive(yes));
#udp();
};
destination d_mysql {
pipe("/tmp/mysql.pipe"
template("INSERT INTO logs (host, facility, priority, level, tag, date,
time, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL',
'$TAG',
'$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
template-escape(yes));
};
log { source(mysrc); destination(d_mysql);
};
*
note that a databes names syslog is already created and contain a table
logs;
if itry the following command : syslog-ng -f /etc/syslog-ng/syslog-ng.conf
Error binding socket; addr='AF_INET(0.0.0.0:514)', error='Address already in
use (98)'
Error initializing source driver; source='mysrc'
ps i used to use the server as relai and send by udp using the same port 514
but now everinthing is
commented like this #
need help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20090404/755527cf/attachment.htm
More information about the syslog-ng
mailing list