[syslog-ng] Postgres database questions

[Liam Kirsher]

Hi --

I'm considering using syslog-ng to log to a postgres database, and just
wanted to make sure I could do what I want to do before I spend a lot of
time discovering that I can't.  So, some of these questions probably
have obvious answers.

The client and loghost systems are running CentOS 5.2, which comes with
syslog-ng v. 1.6.

I believe I will need to upgrade to syslog-ng 3.0 (OSE) to use the
database logging functionality.  Correct?
I noticed there was a recent message regarding difficulty compiling on
CentOS 5.2 -- I hope this is not a problem.  It looked like the
suggested fix *should* have worked.  I just don't want to end up in the
syslog-ng Heartbreak Hotel!

The only examples of database logging to Postgres I could find were to
log the entire message, and/or were for older versions of syslog-ng.
What I want to do is break the message up into columns and just log
those columns.  Reading the documentation, it seems like what I need to
do is create a parser which will split the message up as desired.  From
there, I should be able to log to a database table with the desired
fields.  Right?

Is this the correct approach, and are there any examples of how to do
this, other than the cursory descriptions in the documentation?

Thanks,
Liam



-- 
Liam Kirsher
PGP: http://liam.numenet.com/pgp/