Centos6.5
syslog-ng 3.25
mysql
1,yum install syslog-ng.x86_64
2,yum install mysql.x86_64 // 支持mysql 命令運行
3,mkfifo –m 777 /var/log/mysql.pipe // 創建通道並賦予權限
4, logsys-ng.conf // 修改配置文件
//源
source s_sys {
file ("/proc/kmsg" program_override("kernel: "));
unix-stream ("/dev/log");
internal();
# udp(ip(0.0.0.0) port(514));
};
//規則 用默認的,自己寫也行
filter f_default { level(info..emerg) and
not (facility(mail)
or facility(authpriv)
or facility(cron)); };
// 傳輸目標
destination mysql {
program("mysql -h10.10.10.10 -uxxxxx -pxxxxx table < /var/log/mysql.pipe");
pipe("/var/log/mysql.pipe"
template("INSERT INTO w_sys_logs (host, facility, priority, level, tag,
datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY',
'$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PRORAM',
'$MSG' );n") template-escape(yes) ); };
// table 爲 數據庫名
// 消息組合
log { source(s_sys); filter(f_default);destination(mysql); };
// 創建數據庫
DROP TABLE IF EXISTS `w_sys_logs`;
CREATE TABLE `w_sys_logs` (
`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
`host` varchar(32) DEFAULT NULL,
`facility` varchar(10) DEFAULT NULL,
`priority` varchar(10) DEFAULT NULL,
`level` varchar(10) DEFAULT NULL,
`tag` varchar(10) DEFAULT NULL,
`datetime` datetime DEFAULT NULL,
`program` varchar(15) DEFAULT NULL,
`msg` text,
PRIMARY KEY (`id`),
KEY `host` (`host`),
KEY `program` (`program`),
KEY `datetime` (`datetime`),
KEY `priority` (`priority`),
KEY `facility` (`facility`)
) ENGINE=InnoDB AUTO_INCREMENT=81 DEFAULT CHARSET=utf8;