
Syslog-ng with MySQL logging on Ubuntu 12.04

Install Required Packages

# syslog-ng core plus its SQL destination module, the MySQL server, and the
# libdbi library with its MySQL driver.
apt-get install syslog-ng-core syslog-ng-mod-sql mysql-server libdbi1 libdbd-mysql

Install Optional Packages

# Optional web front end for browsing the MySQL database.
# NOTE(review): this adds a web-reachable admin interface to the database that
# holds the logs; limit who can reach it, or leave it out if it is not needed.
apt-get install phpmyadmin

Create database

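-- Database that receives the messages written by syslog-ng.
CREATE DATABASE syslog;

-- MySQL selects a database with `USE <name>`; the original `USE DATABASE syslog`
-- is not valid and fails, so the table below would not be created in `syslog`.
USE syslog;

-- One row per log message; `seq` is a surrogate key assigned by MySQL.
-- NOTE(review): several widths are short for log data (host 32, program 15,
-- tag 10). Depending on sql_mode, MySQL either truncates or rejects longer
-- values, so confirm these fit what your log sources actually send.
-- NOTE(review): MySQL's `utf8` stores at most 3 bytes per character; consider
-- `utf8mb4` if messages may contain 4-byte characters.
CREATE TABLE `logs` (
    `host`     VARCHAR(32) DEFAULT NULL,
    `facility` VARCHAR(10) DEFAULT NULL,
    `priority` VARCHAR(10) DEFAULT NULL,
    `level`    VARCHAR(10) DEFAULT NULL,
    `tag`      VARCHAR(10) DEFAULT NULL,
    `datetime` DATETIME    DEFAULT NULL,
    `program`  VARCHAR(15) DEFAULT NULL,
    `msg`      TEXT,
    `seq`      BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
    PRIMARY KEY (`seq`),
    -- Secondary indexes on the columns typically used to filter log searches.
    KEY `host` (`host`),
    KEY `program` (`program`),
    KEY `datetime` (`datetime`),
    KEY `priority` (`priority`),
    KEY `facility` (`facility`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;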

Grant Permissions to database

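-- Dedicated account for syslog-ng, usable only from localhost.
-- '***' is the page's placeholder: substitute a strong, unique password.
CREATE USER 'syslog'@'localhost' IDENTIFIED BY '***';

-- USAGE grants no privileges; this statement only sets the per-account
-- resource limits, where 0 means "no limit".
GRANT USAGE ON *.* TO 'syslog'@'localhost' IDENTIFIED BY '***'
    WITH MAX_QUERIES_PER_HOUR 0
         MAX_CONNECTIONS_PER_HOUR 0
         MAX_UPDATES_PER_HOUR 0
         MAX_USER_CONNECTIONS 0;

-- Least privilege: the log writer gets INSERT to add rows and SELECT so the
-- SQL destination can check the table (verify against your syslog-ng version),
-- instead of ALL PRIVILEGES on the whole database. With ALL PRIVILEGES, anyone
-- who obtains this password could also delete or rewrite stored logs.
-- If syslog-ng is expected to create or alter the table itself, it additionally
-- needs CREATE, ALTER and INDEX on `syslog`.*.
GRANT SELECT, INSERT ON `syslog`.`logs` TO 'syslog'@'localhost';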

Enable MySQL in syslog-ng

/etc/syslog-ng/conf.d/10mysqlsyslog.conf
# NOTE(review): several keywords below are upper-case (FILTER, NOT, SQL, TYPE,
# DATABASE, TABLE, COLUMNS, VALUES). This looks like a syntax-highlighter
# artifact; syslog-ng keywords are normally written in lower case - confirm
# before copying.

# Filter that matches every message except those at the debug level.
FILTER f_no_debug { NOT level(debug); };
# SQL destination: writes each message as a row into table "logs" of database
# "syslog" on the local MySQL server, logging in as user "syslog".
# NOTE(review): the database password is stored in clear text in this file;
# keep the file readable only by root (or the account syslog-ng runs as).
# NOTE(review): the COLUMNS(...) and VALUES(...) lines appear cut off in this
# copy of the page (no closing parenthesis; VALUES ends after "$HOUR:"), so
# the block cannot be used as shown. The VALUES entries are syslog-ng macros
# expanded per message.
# NOTE(review): indexes(...) names "pid" and "message", which are not among
# the columns listed here (the page uses "program" and "msg"); check how your
# syslog-ng version handles index names that do not match a column.
destination d_mysql {
SQL(
TYPE(mysql)
username("syslog")
password("********")
DATABASE("syslog")
host("localhost")
TABLE("logs")
COLUMNS("host", "facility", "priority", "level", "tag", "datetime", "program", "msg"
VALUES("$HOST", "$FACILITY", "$PRIORITY", "$LEVEL", "$TAG","$YEAR-$MONTH-$DAY $HOUR:
indexes("datetime", "host", "program", "pid", "message")
);
};
# Log path: messages from sources s_net and s_src that pass f_no_debug are sent
# to d_mysql. Neither source is defined on this page; they are presumably
# declared elsewhere in the syslog-ng configuration - confirm both exist.
log {source(s_net); source(s_src); filter(f_no_debug); destination(d_mysql); };