FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP

 
 
LinkBack Thread Tools
 
Old 07-24-2011, 09:55 PM
debian
 
Default rsyslogd logging to MySQL Database

Hi all! First time posting to the list, but have been following it
almost religiously


I am wanting to send all logged to a remote syslogd/rsyslogd server and
was wondering if there was a way that I can have all the logs recorded
to a MySQL database running on the log server? This would not be Debian
specific as my environment has several *NIX machines running different
distributions.



--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4E2C94DD.60408@fpsoft.net">http://lists.debian.org/4E2C94DD.60408@fpsoft.net
 
Old 07-24-2011, 10:00 PM
Leo Goehrs
 
Default rsyslogd logging to MySQL Database

Of course you may, at least we do it, we have syslog sending to a gew central syslog-ng, and syslog-ng is able to log to a mysql database because it is able to correctly format the logs, then write to a fifo file, which is read by a script and inserted into the mysql database, being further more viewed using php-syslog.

Regards

Leo goehrs

Ps: we use it also to analyse apache logs on cluster configurations, ton consolidate apache logs on the fly using a non blocking technique.


----- Message d'origine -----
De : debian [mailto:debian@fpsoft.net]
Envoyé : Sunday, July 24, 2011 11:55 PM
À : Debian ISP <debian-isp@lists.debian.org>
Objet : rsyslogd logging to MySQL Database

Hi all! First time posting to the list, but have been following it
almost religiously

I am wanting to send all logged to a remote syslogd/rsyslogd server and
was wondering if there was a way that I can have all the logs recorded
to a MySQL database running on the log server? This would not be Debian
specific as my environment has several *NIX machines running different
distributions.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/4E2C94DD.60408@fpsoft.net


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 952DE7F89E170749AD4BBF678A82A78D4114C1@AL-MEX01-VBO.mail.alionis.fr">http://lists.debian.org/952DE7F89E170749AD4BBF678A82A78D4114C1@AL-MEX01-VBO.mail.alionis.fr
 
Old 07-24-2011, 10:06 PM
debian
 
Default rsyslogd logging to MySQL Database

On 7/24/2011 6:00 PM, Leo Goehrs wrote:

Of course you may, at least we do it, we have syslog sending to a gew central syslog-ng, and syslog-ng is able to log to a mysql database because it is able to correctly format the logs, then write to a fifo file, which is read by a script and inserted into the mysql database, being further more viewed using php-syslog.

Regards

Leo goehrs

Ps: we use it also to analyse apache logs on cluster configurations, ton consolidate apache logs on the fly using a non blocking technique.




Hmm, okay, that is why I want to do it this way. We were thinking about
using Splunk, but I don't like the flat file format that is uses to
store its database. That and I am not too keen on the searching syntax
that it uses, so would much prefer using a MySQL database for this. Not
only for the easier searching, but for the ability to modify and expand
any web-based log searching interface that we choose to implement.


If you can point me to a decent get-started guide on how to do this
(what you used my help and would be greatly appreciated), that would be
totally awesome!


~ Robert


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4E2C9779.80307@fpsoft.net">http://lists.debian.org/4E2C9779.80307@fpsoft.net
 
Old 07-24-2011, 10:13 PM
Leo Goehrs
 
Default rsyslogd logging to MySQL Database

Well, here, on the boat in ibiza, on my blackberry, I don't have the exact name, but we use a php-syslog software, and everything is explained.

We consolidate linux, freebsd and cisco/juniper equipments.

Just hit syslog-ng and mysql in google and you should find plenty of matches.

Leo

----- Message d'origine -----
De : debian [mailto:debian@fpsoft.net]
Envoyé : Monday, July 25, 2011 12:06 AM
À : Leo Goehrs
Cc : 'debian-isp@lists.debian.org' <debian-isp@lists.debian.org>
Objet : Re: rsyslogd logging to MySQL Database

On 7/24/2011 6:00 PM, Leo Goehrs wrote:
> Of course you may, at least we do it, we have syslog sending to a gew central syslog-ng, and syslog-ng is able to log to a mysql database because it is able to correctly format the logs, then write to a fifo file, which is read by a script and inserted into the mysql database, being further more viewed using php-syslog.
>
> Regards
>
> Leo goehrs
>
> Ps: we use it also to analyse apache logs on cluster configurations, ton consolidate apache logs on the fly using a non blocking technique.
>
>

Hmm, okay, that is why I want to do it this way. We were thinking about
using Splunk, but I don't like the flat file format that is uses to
store its database. That and I am not too keen on the searching syntax
that it uses, so would much prefer using a MySQL database for this. Not
only for the easier searching, but for the ability to modify and expand
any web-based log searching interface that we choose to implement.

If you can point me to a decent get-started guide on how to do this
(what you used my help and would be greatly appreciated), that would be
totally awesome!

~ Robert


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 952DE7F89E170749AD4BBF678A82A78D4114F0@AL-MEX01-VBO.mail.alionis.fr">http://lists.debian.org/952DE7F89E170749AD4BBF678A82A78D4114F0@AL-MEX01-VBO.mail.alionis.fr
 
Old 07-24-2011, 10:18 PM
debian
 
Default rsyslogd logging to MySQL Database

On 7/24/2011 6:13 PM, Leo Goehrs wrote:

Well, here, on the boat in ibiza, on my blackberry, I don't have the exact name, but we use a php-syslog software, and everything is explained.

We consolidate linux, freebsd and cisco/juniper equipments.

Just hit syslog-ng and mysql in google and you should find plenty of matches.

Leo

----- Message d'origine -----
De : debian [mailto:debian@fpsoft.net]
Envoyé : Monday, July 25, 2011 12:06 AM
À : Leo Goehrs
Cc : 'debian-isp@lists.debian.org'<debian-isp@lists.debian.org>
Objet : Re: rsyslogd logging to MySQL Database

On 7/24/2011 6:00 PM, Leo Goehrs wrote:

Of course you may, at least we do it, we have syslog sending to a gew central syslog-ng, and syslog-ng is able to log to a mysql database because it is able to correctly format the logs, then write to a fifo file, which is read by a script and inserted into the mysql database, being further more viewed using php-syslog.

Regards

Leo goehrs

Ps: we use it also to analyse apache logs on cluster configurations, ton consolidate apache logs on the fly using a non blocking technique.



Hmm, okay, that is why I want to do it this way. We were thinking about
using Splunk, but I don't like the flat file format that is uses to
store its database. That and I am not too keen on the searching syntax
that it uses, so would much prefer using a MySQL database for this. Not
only for the easier searching, but for the ability to modify and expand
any web-based log searching interface that we choose to implement.

If you can point me to a decent get-started guide on how to do this
(what you used my help and would be greatly appreciated), that would be
totally awesome!

~ Robert


Hey thanks! For a decent HOWTO when I took your advice and might have
to try it on a VM here to see if I can get my Debian VMs (one of which
is a very active public news server) and then when that works, move that
to a similar implementation to the servers where I work. Again, thank
you very very much for the words of wisdom


~ Robert


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 4E2C9A38.5000703@fpsoft.net">http://lists.debian.org/4E2C9A38.5000703@fpsoft.net
 

Thread Tools




All times are GMT. The time now is 06:02 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org