On 7/24/2011 6:00 PM, Leo Goehrs wrote:
Of course you may, at least we do it, we have syslog sending to a few central syslog-ng, and syslog-ng is able to log to a mysql database because it is able to correctly format the logs, then write to a fifo file, which is read by a script and inserted into the mysql database, being furthermore viewed using php-syslog.
Regards
Leo Goehrs
PS: we use it also to analyse apache logs on cluster configurations, to consolidate apache logs on the fly using a non blocking technique.
Hmm, okay, that is why I want to do it this way. We were thinking about using Splunk, but I don't like the flat file format that it uses to store its database. That and I am not too keen on the searching syntax that it uses, so would much prefer using a MySQL database for this. Not only for the easier searching, but for the ability to modify and expand any web-based log searching interface that we choose to implement.
If you can point me to a decent get-started guide on how to do this (what you used may help and would be greatly appreciated), that would be totally awesome!
~ Robert
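
The reader-script half of the pipeline described in this thread (syslog-ng writes formatted records to a FIFO, a script inserts them into the database), as an added example that is not code from either poster. It assumes a tab-separated syslog-ng template, uses sqlite3 as an offline stand-in for MySQL, and binds every field as a parameter because log message text is controlled by whoever generated the event.

```python
import sqlite3

# Assumption (not from the thread): the syslog-ng pipe destination uses
#   template("$ISODATE\t$HOST\t$PROGRAM\t$MSG\n")
FIELDS = ("ts", "host", "program", "msg")
INSERT = "INSERT INTO logs (ts, host, program, msg) VALUES (?, ?, ?, ?)"

def open_db(path=":memory:"):
    """sqlite3 stands in for MySQL so the example runs offline."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS logs "
               "(ts TEXT, host TEXT, program TEXT, msg TEXT)")
    return db

def parse_line(line):
    """Split one templated record; return None if it is malformed."""
    # maxsplit keeps any tabs inside the message in the last field
    parts = line.rstrip("\n").split("\t", len(FIELDS) - 1)
    if len(parts) != len(FIELDS) or not parts[0] or not parts[1]:
        return None
    return tuple(parts)

def ingest(lines, db):
    """Insert records using bound parameters; return (stored, rejected)."""
    stored = rejected = 0
    for line in lines:
        row = parse_line(line)
        if row is None:
            rejected += 1      # count bad records instead of guessing fields
            continue
        db.execute(INSERT, row)  # values are never spliced into the SQL text
        stored += 1
    db.commit()
    return stored, rejected

# Constructed sample records, including a message with SQL metacharacters
SAMPLE = [
    "2011-07-24T18:00:01+02:00\tweb01\tsshd\tFailed password for root from 192.0.2.10\n",
    "2011-07-24T18:00:02+02:00\tweb02\thttpd\tGET /search?q=O'Reilly'; -- HTTP/1.1\n",
    "truncated line without fields\n",
]

if __name__ == "__main__":
    # In production, `lines` would be the opened FIFO that syslog-ng writes to.
    db = open_db()
    print(ingest(SAMPLE, db))
    print(db.execute("SELECT host, msg FROM logs").fetchall())
```

With a MySQL driver the same structure applies; only the connection call and the parameter placeholder style change.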