[syslog-ng] Syslog-NG to parse HTTP query strings?
Steve Barnes
steve at echo.id.au
Fri Jul 9 11:16:42 CEST 2010
> On Fri, 2010-07-09 at 16:51 +1000, Steve Barnes wrote:
>> Hello
>>
>> Is Syslog-NG capable of parsing HTTP query string key=value pairs? I've
>> read through both the CSV and pattern DB parser documentation and it
>> seems
>> they both presume a consistent ordering in the $MSG field. Neither seem
>> appropriate when if the order of query string pairs changes, such as:
>>
>> http://somehost.com/somefile.cgi?keyA=valueA&keyB=valueB
>>
>> or
>>
>> http://somehost.com/somefile.cgi?keyB=valueB&keyA=valueA
>>
>> Basically, I want to grab keyA's value irrespective of which order it
>> appears and use it as a value in an SQL insert statement. Is this
>> possible
>> with Syslog-NG's native parsers or am I going to have to handle this in
>> a
>> Perl script/program?
>
> Not right now, however syslog-ng 3.2 (only in its git form right now),
> features plugins and it is quite easy to implement a new parser using a
> plugin.
>
> using the internal API of syslog-ng is _way_ faster than using an
> external script.
Bazsi
Agreed - handling parsing within Syslog-NG is definitely my preferred
choice. I'll take a look at 3.2 and see what's involved in writing a
plugin. Thanks for the pointer.
Cheers
Steve
More information about the syslog-ng
mailing list