[syslog-ng] pdbtool patternize update and my syslog-ng 3.2 branch

Matthew Hall mhall at mhcomputing.net
Sat Sep 25 02:38:39 CEST 2010 

The problem is I really seriously need GYP's pdbtool patternize 3.2 Git tree.

I am unaware of any prebuilt RPMs for it or I would have installed them 
long ago so I would not need to deal with this. :-)

Matthew

On Fri, Sep 24, 2010 at 03:44:37PM -0600, PATRICK HEMMER wrote:
> Ya, I imagine theyre static linked because its easier to release for
> more distro's that way. I build the RPMs for our environment because
> there are a few extra patches I throw in (and I want pcre). For our
> older boxes (RHEL4), I build both glib and pcre in a separate dir
> (not installed in the system), and then when compiling syslog-ng I
> static link just pcre and glib, and leave everything else linked
> against the normal system libs.
> 
> Unless you have some reason to not use the binaries provided by
> balabit, I'd say its would be much easier to just use those.
> 
> -Patrick
> 
> Sent: Fri Sep 24 2010 14:53:25 GMT-0600 (Mountain Daylight Time)
> From: Matthew Hall <mhall at mhcomputing.net>
> To: Syslog-ng users' and developers' mailing list
> <syslog-ng at lists.balabit.hu>
> Subject: Re: [syslog-ng] pdbtool patternize update and my syslog-ng
> 3.2 branch
> >Further investigation...
> >
> >The Balabit RPMs must be built specially because the daemon looks
> >mostly statically linked. Is there some secret to building code
> >for old Linuxes like the BalaBit RPMs?
> >
> >Matthew.
> >
> >On Fri, Sep 24, 2010 at 10:57:38AM -0700, Matthew Hall wrote:
> >>Hello Peter,
> >>
> >>Thanks for the update on the status of patterndb patternize.
> >>
> >>I wondered if the memory leaks you said existed in the old
> >>version had been fixed, you did not say one way or the other in
> >>your mail.
> >>
> >>I also wonder if anybody at Balabit could tell me how to build a
> >>copy of your Git tree on RHEL 4 or RHEL 5. I get problems
> >>because the PCRE is too old but when I switch to new PCRE, PCRE
> >>will not build because the autotools and pkg-config are too old.
> >>
> >>It's a problem for me because unfortunately my company only
> >>supports RHEL here and otherwise I have to run it in an Ubuntu
> >>10.04 or Debian VM with way too little memory for the tool to
> >>run right.
> >>
> >>Would it be possible to build a version of your tree for RHEL 4 or 5?
> >>
> >>Matthew.
> >>
> >>On Fri, Sep 24, 2010 at 11:27:48AM +0200, Peter Gyongyosi wrote:
> >>>Hello,
> >>>
> >>>As the patterndb project is starting to gain some momentum I thought
> >>>it'd be the right time to port my patternize tool to the new,
> >>>plugin-based 3.2 codebase as the first step towards getting it
> >>>integrated --- and to be able to use the fancy new pdbtool features
> >>>along with patternize. To those who are unfamiliar with it,
> >>>patternize is an addition to pdbtool that makes it possible to
> >>>automatically generate a pattern database from raw logs using
> >>>statistical data clustering methods: you can read more about it in
> >>>this blog post:
> >>>http://gyp.blogs.balabit.com/2010/01/introducing-pdbtool-patternize/
> >>>
> >>>Besides the port to the new codebase, it's received some fixes and
> >>>new features since my original post:
> >>>
> >>> * multiple small internal bugfixes to get rid of weird errors
> >>> * added the option "/--named-parsers/" that names the found
> >>>@ESTRING at s like "/.dict.string0,1,2,3.../"
> >>> * Balint Kovacs has sent three contributions: added support for
> >>>reading the logfile from the standard input, escaping special
> >>>characters in the output and putting examples in the XML that can be
> >>>used for self-testing.
> >>>
> >>>It can be found in my public syslog-ng 3.2 tree:
> >>>http://git.balabit.hu/?p=gyp/syslog-ng-3.2.git;a=summary
> >>>
> >>>If you're already using it (I've received some feedback so I guess
> >>>some of you do), please note that most probably this 3.2-based
> >>>branch will get the fixes and new features from now on.
> >>>
> >>>It's only received a basic sanity check and the unit tests do pass,
> >>>so as usual, handle it with care and all feedback is welcome.
> >>>
> >>>greets,
> >>>Peter
> >>>
> >>>ps.: the branch also contains a patch that fixes a wrong section
> >>>name in pdbtool's man page and I'll try to update the whole manpage
> >>>a bit when adding a section for patternize soon -- Bazsi, you might
> >>>want to pull those to the mainline.
> >______________________________________________________________________________
> >Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> >Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> >FAQ: http://www.campin.net/syslog-ng/faq.html
> >

> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>

More information about the syslog-ng mailing list