[syslog-ng] syslog-ng with MySQL

Martin Holste mcholste at gmail.com
Tue Aug 21 16:29:56 CEST 2012 

Just catching up on this thread.  Most folks don't run into any
problems with ELSA installs, but it depends on the environment.
Generally, the installer works in almost all environments, especially
if the server build is new.  The install is unattended and takes about
20 minutes, so I encourage you to give it a shot.  If you haven't seen
it already, I've recently added shareable dashboards with very
easy-to-create multi-data-series charts:
http://ossectools.blogspot.com/2012/08/elsa-gets-dashboards.html .  As
always, if you run into any problems or have questions, hit us up on
the ELSA list at
http://groups.google.com/group/enterprise-log-search-and-archive .

On Thu, Aug 16, 2012 at 8:12 AM, Clayton Dukes <cdukes at gmail.com> wrote:
> There are programs out there that will do all of this for you, some are even
> free.
> LogZilla has a small network edition that is free.
> There's a VMWare image available that you can have up and running in just a
> few minutes. http://www.logzilla.pro/downloads
>
>
> ______________________________________________________________
>
> Clayton Dukes
> ______________________________________________________________
>
>
>
> On Thu, Aug 16, 2012 at 8:16 AM, James McDonald <jmcdonald at lce.com> wrote:
>>
>> Thanks for the info.  Do you know where I could find a list of tables,
>> specific to syslog-ng,  to populate the database with?  I haven’t created
>> the db yet, mainly because I’m not sure what tables are available for syslog
>> info to populate
>>
>>
>>
>> From: Clayton Dukes [mailto:cdukes at gmail.com]
>> Sent: Wednesday, August 15, 2012 4:40 PM
>>
>>
>> To: James McDonald
>> Cc: Syslog-ng users' and developers' mailing list
>> Subject: Re: [syslog-ng] syslog-ng with MySQL
>>
>>
>>
>> Just send from all your remote syslog-ng boxes to a local syslog-ng
>> receiver.
>>
>> Then just use that local syslog-ng to send to mysql.
>>
>>
>>
>> Here's an example of client and server configs in the LogZilla forums:
>>
>> http://forum.logzilla.pro/index.php/topic,482.msg2468.html#msg2468
>>
>>
>>
>> But basically, you just configure a destination in the client pointing to
>> the syslog-ng server. (I recommend using tcp)
>>
>> then, in the server, set the destination as mysql.
>>
>>
>>
>>
>>
>>
>>
>>
>> ______________________________________________________________
>>
>> Clayton Dukes
>> ______________________________________________________________
>>
>> On Wed, Aug 15, 2012 at 12:24 PM, James McDonald <jmcdonald at lce.com>
>> wrote:
>>
>> Do you have syslog-NG sending logs to a separate MySQL server, or do you
>> have MySQL installed on the same server as syslog-NG?  Since we have
>> multiple syslog-NG servers, we were trying to centralize everything on a
>> MySQL server and then make that db searchable.  I was hoping to get some
>> direction on how to have everything sent to the MySQL db server.  That’s my
>> first hurdle
>>
>>
>>
>> From: Clayton Dukes [mailto:cdukes at gmail.com]
>> Sent: Wednesday, August 15, 2012 12:17 PM
>> To: James McDonald
>> Cc: Syslog-ng users' and developers' mailing list
>>
>>
>> Subject: Re: [syslog-ng] syslog-ng with MySQL
>>
>>
>>
>> It works fine on Redhat, but the Redhat Repo's have old versions of MySQL
>> and PHP so you need to manually download the binaries from MySQL and Zend.
>>
>>
>> ______________________________________________________________
>>
>> Clayton Dukes
>> ______________________________________________________________
>>
>> On Wed, Aug 15, 2012 at 12:12 PM, James McDonald <jmcdonald at lce.com>
>> wrote:
>>
>> We are using Red Hat for all of our Linux boxes.  We update them monthly,
>> but Red Hat was listed as a liability on the Logzilla website.  Are you
>> using Red Hat or Ubuntu?
>>
>>
>>
>> From: syslog-ng-bounces at lists.balabit.hu
>> [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Clayton Dukes
>> Sent: Wednesday, August 15, 2012 11:35 AM
>>
>>
>> To: Syslog-ng users' and developers' mailing list
>> Subject: Re: [syslog-ng] syslog-ng with MySQL
>>
>>
>>
>> You can also try LogZilla (http://www.logzilla.pro).
>>
>>
>>
>>
>> ______________________________________________________________
>>
>> Clayton Dukes
>> ______________________________________________________________
>>
>> On Wed, Aug 15, 2012 at 11:26 AM, James McDonald <jmcdonald at lce.com>
>> wrote:
>>
>> I read through the comments and it seems people are having problems with
>> the install and/or getting queries to run.  I currently have syslog-NG
>> version 4.1 and MySQL version 5.5.25.  Will the installer error out, since
>> it’s based on older versions of those two programs?
>>
>>
>>
>> From: syslog-ng-bounces at lists.balabit.hu
>> [mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Erol Blakely
>> Sent: Wednesday, August 15, 2012 10:53 AM
>> To: Syslog-ng users' and developers' mailing list
>> Subject: Re: [syslog-ng] syslog-ng with MySQL
>>
>>
>>
>> We are trying this out and so far it has been working nicely:
>>
>>
>>
>> http://code.google.com/p/enterprise-log-search-and-archive/
>>
>>
>>
>>
>>
>>
>>
>> On 2012-08-15, at 10:47 AM, James McDonald wrote:
>>
>>
>>
>> Trying to incorporate a MySQL db (on a separate server) with my two
>> syslog-ng servers, so that the logs can be searchable.  Does anyone have
>> any
>> experience with this?  Any tips or documentation would be helpful.  I
>> didn't
>> find a whole lot on the Balabit website when I searched for it.
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:
>> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>>
>> --
>>
>> Erol Blakely - erol at easydns.com
>>
>> Systems Administrator
>>
>> easyDNS Technologies Inc.
>>
>>
>>
>>
>>
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation:
>> http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>>
>>
>>
>>
>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>

More information about the syslog-ng mailing list