-----Original Message----- From: Carlos Manuel Trepeu Pupo <[email protected]> Reply-To: rsyslog-users <[email protected]> Date: Friday, October 3, 2014 at 12:01 PM To: "[email protected]" <[email protected]> Subject: [rsyslog] about rsyslog and functionalities
>Hello, I'm receiving the email list since a few months ago when I decided >to implement an rsyslog server in my network. Now I have the machine and >hard drives, so it's time to start. I had been reading always the list, >but >I still have a few questions: >1- Is possible to implement a rsyslog server that save all logs in a >separated mysql database? >2- In case of squid and postfix I can make independent database for each >one? > 2.1- Can I send the fields to a database where the log's field are >separated and not as a line ? > >Thanks and sorry for my english. > >P.S: If you guys can recommend me any information online I'll be >appreciated, I tried to read everything I found, but for some reason I >still don't fell quite. Hi Carlos, Yes, it's possible...in my experience almost anything you can imagine is possible (and efficient) with rsyslog. You'll need appropriate output modules, along with templates and rulesets to split things up how you like. I used to output to a database, but have switched to elasticsearch for various reasons. You might want to consider it. Obvious advice I'm sure you will follow is to use the latest stable release vs necessarily tracking what comes from your OS vendor (I've been doing this for years with success). These should get you started, then the list can help with more detailed questions (be sure to share your config if you hit problems): http://www.rsyslog.com/doc/rsyslog_packages.html http://www.rsyslog.com/doc/rsyslog_conf_templates.html http://www.rsyslog.com/doc/master/concepts/multi_ruleset.html http://www.rsyslog.com/doc/ommysql.html http://www.rsyslog.com/doc/master/configuration/modules/omelasticsearch.htm l http://www.rsyslog.com/performance-tuning-elasticsearch/ _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
