[syslog-ng] PostgreSQL, MonitorWare Schema and log presentation/analysis
Balazs Scheidler
bazsi at balabit.hu
Thu Mar 10 15:33:35 CET 2011
Hi,
There was a post on LogAnalyzer & syslog-ng integration just the other
day. Let me dig that. Here it comes:
http://czanik.blogs.balabit.com/2011/02/loganalyzer/
I'm not sure if it helps with PgSQL though.
On Thu, 2011-03-10 at 12:27 +0200, Hendrik Visage wrote:
> Hi there,
>
> I've searched hi and low for a log analyzer/presenter for PostgreSql
> backend (still looking) but keep bumping into stuff like LogAnalyzer
> wanting a MonitorWare Schema.. Searching for that with syslog-ng, I've
> been unsuccessful (or I am missing something), other than getting the
> SQL schema below on a chinese site.
>
> Now my quetion: Anybody else used syslog-ng to pump directly into a
> PostgreSQL db a Monitorware Schema?
>
> Any other place I can get some more information on this schema usage?
>
> Anybody using PostgreSQL as a storage back end with a Web based GUI?
>
> (Before we enter the MySQL vs PostgreSQL debates, the answer is
> simple: we know postgresql, we don't know mysql, and if we hit
> performance issues in the current environment, we know we will need to
> procure the necessary HW and handle those decisions there)
>
>
> CREATE TABLE SystemEvents
> (
> ID int unsigned not null auto_increment primary key,
> CustomerID bigint,
> ReceivedAt datetime NULL,
> DeviceReportedTime datetime NULL,
> Facility smallint NULL,
> Priority smallint NULL,
> FromHost varchar(60) NULL,
> Message text,
> NTSeverity int NULL,
> Importance int NULL,
> EventSource varchar(60),
> EventUser varchar(60) NULL,
> EventCategory int NULL,
> EventID int NULL,
> EventBinaryData text NULL,
> MaxAvailable int NULL,
> CurrUsage int NULL,
> MinUsage int NULL,
> MaxUsage int NULL,
> InfoUnitID int NULL ,
> SysLogTag varchar(60),
> EventLogType varchar(60),
> GenericFileName VarChar(60),
> SystemID int NULL
> );
>
> CREATE TABLE SystemEventsProperties
> (
> ID int unsigned not null auto_increment primary key,
> SystemEventID int NULL ,
> ParamName varchar(255) NULL ,
> ParamValue text NULL
> );
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
--
Bazsi
More information about the syslog-ng
mailing list