Re: [jffnms-users] syslog-ng and postgresql - date of events problem

Mon, 23 May 2005 14:13:08 -0700 

Hi Yves,

Here's the one-liner.

Javier

MOYA Yves wrote:

Hello,

Can you give me the modifications to event_list function? (And the file where 
it was defined) So I can patch my installation

Thanks,

Yves

-----Message d'origine-----
De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Javier Szyszlican
Envoy� : jeudi 19 mai 2005 12:44
Cc : [email protected]
Objet : Re: [jffnms-users] syslog-ng and postgresql - date of events problem

I'm making fixes for that stuff.

Its the .XXXX that is causing parsing problems, so I'm just removing that part
in the event_list function.

Javier


MOYA Yves wrote:


Hello,



I have a script who takes syslog-ng log for make sql for insert into
jffnms database in table syslog to use with pgsql command.



An extract of this sql is:



INSERT INTO syslog (date, date_logged, host, message) VALUES
('2005-05-19 09:13:59', NOW(), '192.168.16.69/192.168.16.69', 'May 19
2005 10:06:40 PIXLAN2LAN : %PIX-4-106023: Deny udp src
outside:10.1.254.172/14247 dst inside:192.168.1.2/14247 by access-group
\"outside_access_in\"');



The type of date_logged is timestamp in table syslog in pgsql database
but the php (maybe?) use as timestamp without time zone. So when I go to
the site, in the events the date is wrong.



In the database I have:



21853;"773";"2005-05-19
08:52:29";"43";"1";"Login";"successful";"Yoann";"from
192.168.16.150";"0";"1";"0"

21857;"774";"2005-05-19
08:53:17.766829";"29";"1";"inside:SERV1/389";"deny";"outside:10.17.254.2/2548";"udp192.168.16.69/192.168.16.69";"594";"1";"0"



The date in the event viewer appeared as "1 Jan 00:59:59" for the event
21857 but appeared good for the event 21853.



Have you an idea for corrected this? A parameter for NOW()?



Thanks,



Yves








--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Javier Szyszlican, Project Leader, JFFNMS
[EMAIL PROTECTED]

I hope JFFNMS or I were helpful to you, if you
can, please donate at http://jffnms.org/donate


diff -Nru -x'*rrd' -x'*png' -x'*log' /tmp/jffnms-0.8.2/lib/api.events.inc.php 
/opt/jffnms/lib/api.events.inc.php
--- /tmp/jffnms-0.8.2/lib/api.events.inc.php    2005-05-09 21:04:25.000000000 
-0300
+++ /opt/jffnms/lib/api.events.inc.php  2005-05-16 16:33:42.000000000 -0300
@@ -247,6 +247,7 @@
        $info = array();

        while ($reg = db_fetch_array($res)) {
+           $reg["date"] = substr($reg["date"], 0, 19);
            $reg["text"] = events_replace_vars($reg,$reg["text"]); //replace 
the variables in < >
            $info[]=$reg;
        }

Reply via email to