SYSLOG_NG change date format and send to mysql

Nastavenie casu aky sa ma logovat, posielat do MYSQL..

Nastavenie datumovych premenych:

Date-related macros

template and rewrite: Format, modify, and manipulate log messages > Customize message format using macros and templates > Date-related macros

The macros related to the date of the message (for example: ${ISODATE}, ${HOUR}, and so on) have three further variants each:

  • S_ prefix, for example, ${S_DATE}: The ${S_DATE} macro represents the date found in the log message, that is, when the message was sent by the original application. Caution: To use the S_ macros, the keep-timestamp() option must be enabled (this is the default behavior of syslog-ng OSE).
  • R_ prefix, for example, ${R_DATE}: ${R_DATE} is the date when syslog-ng OSE has received the message.
  • C_ prefix, for example, ${C_DATE}: ${C_DATE} is the current date, that is when syslog-ng OSE processes the message and resolves the macro.

The ${DATE} macro equals the ${S_DATE} macro.

The values of the date-related macros are calculated using the original timezone information of the message. To convert it to a different timezone, use the time-zone() option. You can set the time-zone() option as a global option, or per destination. For sources, it applies only if the original message does not contain timezone information. Converting the timezone changes the values of the following date-related macros (macros MSEC and USEC are not changed):

  • AMPM
  • DATE
  • DAY
  • FULLDATE
  • HOUR
  • HOUR12
  • ISODATE
  • MIN
  • MONTH
  • MONTH_ABBREV
  • MONTH_NAME
  • MONTH_WEEK
  • SEC
  • STAMP
  • TZ
  • TZOFFSET
  • UNIXTIME
  • WEEK
  • WEEK_DAY
  • WEEK_DAY_ABBREV
  • WEEK_DAY_NAME
  • YEAR
  • YEAR_DAY

Zdroj:

https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.18/administration-guide/60

nastavenie logovania do MYSQL

destination d_mysql_vala {


sql(
type(mysql)
host("192.168.191.21")
username("syslogadmin")
password("remotelog")
database("lmsfin")
table("logs")
columns("host", "facility", "priority", "level", "tag", "date", "time", "program", "msg")
#values("$HOST", "$FACILITY", "$PRIORITY", "$LEVEL", "$TAG","$YEAR-$MONTH-$DAY", "$HOUR:$MIN:$SEC","$PROGRAM", "$MSG")
values("$HOST", "$FACILITY", "$PRIORITY", "$LEVEL", "$TAG","$C_YEAR-$C_MONTH-$C_DAY", "$C_HOUR:$C_MIN:$C_SEC","$PROGRAM", "$MSG")

indexes("datetime", "host", "program", "msg")
);



    };
   Send article as PDF   

CIsco WLC (airOS) disable logging console

Check_mk windows agent plugin run frequency
Pridaj komentár

6  +  1  =