Hi all,
I'm trying to create a very quick mail log searching solution. The
idea is to pre-hash the database by using the last 2 alpha-numeric
characters on the message id.
This isn't inserting to the database and I can't think why.. I've
already built the tables with the structure logs-aa.. logs-ZZ etc..
$template OurDBLog,"INSERT INTO
logs-'%msg:R,ERE,1,NULL:[A-Za-z0-9]{6}-[A-Za-z0-9]{6}-([A-Za-z0-9]{2})--end%'
(messageid, host, \
send_host, created_at, payload, subject) values \
('%msg:R,ERE,0,ZERO:[A-Za-z0-9]{6}-[A-Za-z0-9]{6}-[A-Za-z0-9]{2}--end%','%HOSTNAME%',
'%msg:R,ERE,0,ZERO:H=.*\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}]--end%',
\
'%timegenerated:::date-mysql%', '%msg%',
'%msg:R,ERE,1,ZERO:T="(.+)"--end%')",SQL
Any idea?
On a side note, how can I get extra verbosity out of rsyslog so I'm
not blindly trying to insert and then check via mysql
Cheers,
Joel
--
$ echo "kpfmAdpoofdufevq/dp/vl" | perl -pe 's/(.)/chr(ord($1)-1)/ge'
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com
