Hi guys ...
I have CentOS 5.3 i386
syslog-ng-3.0.4-1.rhel5.i386.rpm
here is my syslog-ng.conf
@version: 3.0
#
# http://nms.gdd.net/index.php/LogZilla_Installation_Guide#Installing_syslog-ng
# This config works with v2.x of syslog-ng, you will need to make a few changes to make it work with v3.x
# For v3.x - change the following entries in your syslog-ng config:
# Change:
# source(s_all);
# to:
# source(s_local);
# source(s_net);
# destination(d_logzilla);
#
# http://www.syslog.org/syslog-ng/v2/
# modify /etc/syslog-ng/syslog-ng.conf and add the following lines to the bottom:
###########################################################################################
# Clay's LogZilla config below
###########################################################################################
# Sept 16, 2009 Added by cdukes for LogZilla
###########################################################################################
options {
long_hostnames(off);
# doesn't actually help on Solaris, log(3) truncates at 1024 chars
log_msg_size(8192);
# buffer just a little for performance
# sync(1); <- Deprecated - use flush_lines() instead
flush_lines(1);
# memory is cheap, buffer messages unable to write (like to loghost)
log_fifo_size(16384);
# Hosts we don't want syslog from
#bad_hostname("^(ctld.|cmd|tmd|last)$");
# The time to wait before a dead connection is reestablished (seconds)
time_reopen(10);
#Use DNS so that our good names are used, not hostnames
use_dns(yes);
dns_cache(yes);
#Use the whole DNS name
use_fqdn(yes);
keep_hostname(yes);
chain_hostnames(no);
#Read permission for everyone
perm(0644);
# The default action of syslog-ng 1.6.0 is to log a STATS line
# to the file every 10 minutes. That's pretty ugly after a while.
# Change it to every 12 hours so you get a nice daily update of
# # how many messages syslog-ng missed (0).
# stats(43200);
};
source s_net {
udp(ip(0.0.0.0) port(514));
tcp(ip(0.0.0.0) port(514));
};
source s_local {
# message generated by Syslog-NG
internal();
# standard Linux log source (this is the default place for the syslog()
# function to send logs to)
unix-stream("/dev/log");
# messages from the kernel
file("/proc/kmsg" program_override("kernel: "));
};
######
# destinations
destination d_messages { file("/var/log/messages"); };
log {
source(s_local);
destination(d_messages);
};
# Create destination to LogZilla
destination d_logzilla {
program("/var/www/html/logzilla/scripts/db_insert.pl"
template("$HOST\t$FACILITY\t$PRIORITY\t$LEVEL\t$TAG\t$YEAR-$MONTH-$DAY\t$HOUR:$MIN:$SEC\t$PROGRAM\t$MSG\n")
);
};
# Tell syslog-ng to log to our new destination
log {
source(s_local);
source(s_net);
destination(d_logzilla);
};
When I restart ntpd ... I get in /var/log/logzilla/db_insert.log:
2009-10-06 21:03:56
Starting /var/log/logzilla/db_insert.log for /var/www/html/logzilla/scripts/db_insert.pl at pid 23536
Using Database: syslog
Waiting for child on PID 23539 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.00 cusr 0.02 csys = 0.02 CPU) seconds
Waiting for child on PID 23558 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.00 cusr 0.04 csys = 0.04 CPU) seconds
Waiting for child on PID 23568 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.01 sys + 0.02 cusr 0.03 csys = 0.06 CPU) seconds
Waiting for child on PID 23569 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.00 cusr 0.03 csys = 0.03 CPU) seconds
Waiting for child on PID 23570 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.01 cusr 0.02 csys = 0.03 CPU) seconds
Waiting for child on PID 23571 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.01 cusr 0.03 csys = 0.04 CPU) seconds
Waiting for child on PID 23572 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.00 cusr 0.02 csys = 0.02 CPU) seconds
Waiting for child on PID 23573 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.01 cusr 0.03 csys = 0.04 CPU) seconds
Waiting for child on PID 23574 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.01 cusr 0.02 csys = 0.03 CPU) seconds
Waiting for child on PID 23575 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.00 cusr 0.03 csys = 0.03 CPU) seconds
Waiting for child on PID 23576 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.01 cusr 0.03 csys = 0.04 CPU) seconds
Waiting for child on PID 23577 to exit...
Total processing time was 0 wallclock secs ( 0.00 usr 0.00 sys + 0.01 cusr 0.02 csys = 0.03 CPU) seconds
but there is nothing in the logs table
here is from the web page:
USING TABLE: logs
There appear to be no hosts in the Database yet
You can generate fake ones using scripts/dbgen.pl
mysql> select * from logs;
Empty set (0.00 sec)
Any idea?
Thank you
Gabe
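
Added example, not part of the original post and not LogZilla's db_insert.pl: a stand-in consumer that checks whether lines arriving from the d_logzilla template() really carry its nine tab-separated fields, and reports why a line is rejected. The function names and the sample lines are assumptions constructed for illustration.

```python
import re
import sys

# Field order of the template() in the d_logzilla destination above.
FIELDS = ("host", "facility", "priority", "level", "tag",
          "date", "time", "program", "msg")
CHECKS = {
    "tag": re.compile(r"[0-9a-fA-F]{2}"),      # $TAG: facility/severity as 2 hex digits
    "date": re.compile(r"\d{4}-\d{2}-\d{2}"),  # $YEAR-$MONTH-$DAY
    "time": re.compile(r"\d{2}:\d{2}:\d{2}"),  # $HOUR:$MIN:$SEC
}

def parse_template_line(line):
    """Return the nine template fields as a dict, or raise ValueError saying why not."""
    # $MSG is the last field, so limit the split: tabs inside the message stay in msg.
    parts = line.rstrip("\n").split("\t", len(FIELDS) - 1)
    if len(parts) != len(FIELDS):
        raise ValueError("expected %d tab-separated fields, got %d"
                         % (len(FIELDS), len(parts)))
    rec = dict(zip(FIELDS, parts))
    for name, pattern in CHECKS.items():
        if not pattern.fullmatch(rec[name]):
            raise ValueError("bad %s field: %r" % (name, rec[name]))
    if not rec["host"]:
        raise ValueError("empty host field")
    return rec

# Constructed sample lines (not taken from the post).
GOOD = ("ntp1.example.com\tdaemon\tnotice\tnotice\t1d\t2009-10-06\t21:03:56"
        "\tntpd\tntpd exiting on signal 15\n")
LITERAL = GOOD.replace("\t", "\\t")              # escapes never expanded to tabs
BAD_TIME = GOOD.replace("21:03:56", "R:03:56")   # time macro mangled

def check_stream(stream):
    """Count accepted lines and collect (line_number, reason) for rejected ones."""
    ok, rejected = 0, []
    for n, line in enumerate(stream, 1):
        try:
            parse_template_line(line)
            ok += 1
        except ValueError as err:
            rejected.append((n, str(err)))
    return ok, rejected

if __name__ == "__main__":
    ok, rejected = check_stream(sys.stdin)
    print("accepted %d, rejected %d" % (ok, len(rejected)), file=sys.stderr)
    for n, reason in rejected:
        print("line %d: %s" % (n, reason), file=sys.stderr)
```

Run as a script it reads the lines on standard input, the way a program() destination delivers them, and writes the summary to standard error.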
_______________________________________________
Php-syslog-ng-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/php-syslog-ng-support