Centos6.5
Syslog-ng 3.25
Mysql
1,yum install syslog-ng.x86_64
2,yum install mysql.x86_64// support mysql command run
3,mkfifo–m 777/var/log/mysql.pipe// Create channel and give permissions
4, logsys-ng.conf// Modify configuration file
Source
SOURCE S_sys {
File ("/proc/kmsg" Program_override ("kernel:"));
Unix-stream ("/dev/log");
Internal ();
# UDP (IP (0.0.0.0) port (514));
};
rule with default, write it yourself.
Filter F_default {level (info.. Emerg) and
Not (facility (mail)
or facility (AUTHPRIV)
or facility (cron)); };
transfer target
Destination MySQL {
Program ("Mysql-h10.10.10.10-uxxxxx-pxxxxx table </var/log/mysql.pipe");
Pipe ("/var/log/mysql.pipe"
Template ("INSERT into W_sys_logs (host, facility, priority, level, tag,
datetime, program, MSG) VALUES (' $HOST ', ' $FACILITY ', ' $PRIORITY ',
' $LEVEL ', ' $TAG ', ' $YEAR-$MONTH-$DAY $HOUR: $MIN: $SEC ', ' $PRORAM ',
' $MSG '); n ") Template-escape (yes)); };
Table is the database name
message Combinations
Log {source (S_sys); filter (F_default);d estination (MySQL);};
Create a database
DROP TABLE IF EXISTS ' w_sys_logs ';
CREATE TABLE ' W_sys_logs ' (
' ID ' bigint (unsigned) not NULL auto_increment,
' Host ' varchar (+) DEFAULT NULL,
' Facility ' varchar DEFAULT NULL,
' Priority ' varchar (DEFAULT NULL),
' Level ' varchar DEFAULT NULL,
' tag ' varchar (DEFAULT NULL),
' DateTime ' datetime DEFAULT NULL,
' Program ' varchar DEFAULT NULL,
' Msg ' text,
PRIMARY KEY (' id '),
KEY ' Host ' (' Host '),
KEY ' program ' (The ' program '),
KEY ' datetime ' (' DateTime '),
KEY ' priority ' (the ' priority '),
KEY ' facility ' (' facility ')
) Engine=innodb auto_increment=81 DEFAULT Charset=utf8;
Reprint Please specify: http://8463390.blog.51cto.com/8453390/1911623
This article is from "a knife in the hands of the Magic Retreat" blog, please be sure to keep this source http://yi1hu.blog.51cto.com/8453390/1911623
Writing syslog ng logs to the MySQL (remote) database