[syslog-ng] about mysql log
Jacopo Cappelli
jacopo89 at gmail.com
Wed Jul 8 10:19:39 CEST 2009
2009/7/8 Balazs Scheidler <bazsi at balabit.hu>:
> On Mon, 2009-07-06 at 17:15 +0200, Jacopo Cappelli wrote:
>> 2009/7/6 Jacopo Cappelli <jacopo89 at gmail.com>:
>> > 2009/7/6 Balazs Scheidler <bazsi at balabit.hu>:
>> >> On Mon, 2009-07-06 at 11:58 +0200, Jacopo Cappelli wrote:
>> >>> Hi,
>> >>> it's possible to personalize mysql logging?
>> >>> actually i have
>> >>> $HOST,$FACILITY,$PRIORITY,$LEVEL,$TAG,$YEAR-$MONT-$DAY,
>> >>> $HOUR:$MIN:$SEC; $PROGRAM,$MSG
>> >>> i want to decompose $MGS in sub-level field because in $MSG i have a
>> >>> email-id and i use it to make web research.
>> >>
>> >> with syslog-ng 3.0 you can.
>> >>
>> >> you can either parse the message using db-parser(), or csv-parser() (see
>> >> the related blog posts, google will find them)
>> >>
>> >> once your message is parsed, you can reference custom fields in your sql
>> >> destination, thus put any parsed value in a separate SQL column.
>> >>
>> >> --
>> >> Bazsi
>> >
>> > parser p_assp {
>> > csv-parser(columns("ID_MESSAGE","MSG")
>> > delimiters(" ")
>> > flags(escape-none)
>> > template("${HOST}")
>> > );
>> > };
>> >
>> > my $MSG is:
>> > m-1234-5678 <other information of mail delivery>
>> >
>> > i want to have a field on mysql named id_message that contain the
>> > message id but i have a difficult to do a parser that do it...
>> >
>> > Thanks,
>> > Jacopo
>> >
>>
>> Mmm... Ok work but with csv-parser parse all string? It's possible to
>> split only the first word? Because i can't do 20 field on db for store
>> all split...
>
> You can use the "greedy" flag, then your last field will get the "rest
> of the line" not just one column.
>
> --
> Bazsi
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
If i use flags(greedy) syslog-ng not log on mysql. Without log.
syslog-ng -V
syslog-ng 3.0.3
Revision: ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.0#master#08c9bf9d98e4e021756adc12c42605840140ba8b
Compile-Date: Jun 25 2009 07:10:36
Enable-Threads: on
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-Sun-STREAMS: off
Enable-Sun-Door: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: off
Enable-SSL: on
Enable-SQL: on
Enable-Linux-Caps: on
Enable-Pcre: off
Hi,
Jacopo
--
Linux, Windows Xp ed MS-DOS
(anche conosciuti come il Bello, il Brutto ed il Cattivo).
-- Matt Welsh
More information about the syslog-ng
mailing list