[syslog-ng] Syslog ng and Mysql
Fabien Wernli
wernli at in2p3.fr
Tue Sep 15 08:56:19 CEST 2015
Hi Arash,
On Tue, Sep 15, 2015 at 05:47:44AM +0000, Arash Shams wrote:
> The ELK solution is not suitable for us to collect all logs on one server. I prefer to use syslog-ng to collect all logs in a MySQL database.
> Is it possible to send all servers' logs to one syslog-ng server and have that collect them into a database?
> Can anyone give me a good configuration file or some examples for this case?

The most straightforward would be to simply define a network() destination.
If you want to transfer non-standard key-values (other than PID, PROGRAM,
MSG, DATE, PRI, etc.) you will have to add more config though. Two good
solutions:

* using flags(syslog-protocol) and using .SDATA.* macros
* using JSON, i.e. a template like "$(format-json --scope all-nv-pairs)" on
  one side, and a JSON parser on the remote end (json-parser())

There are lots of examples out there and I'd be happy to point you to some if
you can't find them.

Cheers
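
The JSON approach described in the reply above, as an added example that is not part of the original message or taken from the syslog-ng project. The host name, port, database name, table layout, credentials and the ".json." prefix are assumptions chosen for illustration.

```conf
# --- client side (every sending server) ---
@version: 3.7
source s_local { system(); internal(); };
destination d_central {
    # One JSON object per line. ISODATE is requested explicitly so the
    # sender's timestamp travels with the name-value pairs.
    # "logserver.example.com" is a placeholder host name.
    network("logserver.example.com" port(514) transport("tcp")
        template("$(format-json --scope all-nv-pairs --key ISODATE)\n"));
};
log { source(s_local); destination(d_central); };

# --- server side (central collector, separate configuration file) ---
@version: 3.7
source s_net {
    # no-parse: the payload is a JSON line, not a syslog header,
    # so the whole line is kept in MESSAGE for json-parser().
    network(transport("tcp") port(514) flags(no-parse));
};
parser p_json {
    # Parsed keys become ${.json.HOST}, ${.json.PROGRAM}, ...
    json-parser(prefix(".json."));
};
destination d_mysql {
    sql(type(mysql) host("localhost")
        username("syslog") password("CHANGE_ME")   # placeholder credentials
        database("logs") table("messages")         # assumed names
        columns("datetime varchar(32)", "host varchar(255)",
                "program varchar(64)", "pid varchar(8)", "message text")
        values("${.json.ISODATE}", "${.json.HOST}",
               "${.json.PROGRAM}", "${.json.PID}", "${.json.MESSAGE}")
        indexes("datetime", "host", "program"));
};
log { source(s_net); parser(p_json); destination(d_mysql); };
```

This sends logs over plain TCP; network() also accepts transport("tls") with a tls() block when the logs cross a network you do not control. The MySQL account used by the sql() destination only needs rights on the one logging database.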