[syslog-ng] syslog-ng 3.3.3 rewrite question regarding cisco IOS Messages

[Gergely Nagy]

Thomas Wollner <tw at wollner-net.de> writes:

> I updated to the new version, but the problem still exists. No  
> conditional rewrite at all.
> During installation the system complained about a unresolved dependency.
> syslog-ng 3.3.3 is build against libpcre >= 8.10. Debian squeeze only  
> provides libpcre3 8.02-1.1

Hrm. Then that's a bug in my build environment, I'll try to fix it
ASAP.

I might have screwed up by creating a sid chroot instead of a squeeze
one.. As soon as I figured that out, I'll push a new version.

> So, do you think this is an issue? on which system the packages for  
> debian squeeze are build? Any backports are in the game?

It looks like a bug on my end.

> In general: We need syslog-ng with mongodb, patterndb and conditional  
> rewrite support. Do you - or others - have a recommendation which  
> version to use?

My packages are your best bet, I believe. As soon as the conditional
rewrite is fixed, that is. This should happen soon, as that's the
highest on my TODO list at the moment.

> BTW: mojology is a very nice peace of software. I like it very much.  
> Are there any plans to go on further with that? Things like Message  
> search, etc?

With mojology, no, not really. Mojology is a kind of proof of concept,
and it works fairly well for that, but adding anything more complex to
is non-trivial to say the least.

I do have something in the works that will hopefully be interesting
(yes, it includes message search ;). But it's in a very early stage, and
will take a good few months before it's ready to be made public.

-- 
|8]