Comments for Modular syslog

15 Mar 2005 01:33 tsaireddy

query: msyslog
hai,
i have installed msyslog in my system but i am not able to log messages. i am not able to understand of how to use msyslog. can u please help me in configuring msyslog.
please send me the instructions of how to use msyslog.

waiting for ur reply

sai.

mailid: saireddyt@yahoo.com

11 Sep 2003 20:21 yhloh

Re: I can't get msyslog to dump to mysql database
I followed all the step to set up msyslog. I can't get it to log to mysql database. I think it has to do with om_mysql. Here's my log. I also made sure I have libmysqlclient. Can anyone help??

Sep 11 17:38:58 scanman msyslog: msyslogd shutdown succeeded
Sep 11 19:13:51 scanman sshd(pam_unix)[25553]: session opened for user root by (uid=0)
Sep 11 19:15:42 scanman sshd(pam_unix)[25553]: session opened for user root by (uid=0)
Sep 11 19:25:32 scanman syslogd: exiting on signal 1
Sep 11 19:25:33 scanman.okstate.edu syslogd: restart
Sep 11 19:25:33 scanman.okstate.edu msyslogd: syslogd: WARNING error on input module, ignoring om_mysql
Sep 11 19:25:33 scanman.okstate.edu msyslog: msyslogd startup succeeded
Sep 11 19:25:33 scanman.okstate.edu msyslog: msyslogd shutdown succeeded
Sep 11 19:13:51 scanman sshd[25553]: Accepted password for root from 10.120.1.114 port 2404 ssh2

17 Jul 2003 18:14 shokme

Re: msyslog rocks!

> I've been using modular syslog to backup
> all of the logs from all of my servers
> to a secure site. This tool makes
> watching all of the syslogs from my
> servers a very easy task! This project
> is great and deserves some praise!
> Cheers!
>
> Jaa Matane,
>
> Dylan


I wonder if u could give me some detail config about
msyslog. eg. mysql.msyslog.conf.etc...

12 Jan 2003 23:07 jeri

I prefer syslog-ng for SQL
I found this project trying to find a way to direct
syslog messages to an SQL database. For me,
msyslog was frustrating to configure and use.

Then I found syslog-ng and I was able to get it
working with little hassle. Directing to a SQL
database is as easy as writing a script to read a
pipe and have syslog direct messages to a pipe.
See the syslog documentation about the pipe
destination and use the template option.

20 Sep 2002 07:32 ivast

Re: msyslog not logging to MySQL Database
"ln -s libmysqlclient.so mysql/libmysqlclient.so"
in /usr/lib to solve this problem...

14 Sep 2002 01:26 alejo

mailing lists
please request support on the mailing lists. we can't track every place of messages in the net.

and thanks for using msyslog!

13 Sep 2002 03:02 alejo

Re: kernel: SCSI subsystem driver Revision: 1.00

hi,
Could you mail this to the list again?
I regained control over msyslog recently.

Thanks

26 Aug 2002 21:10 fredlwm

kernel: SCSI subsystem driver Revision: 1.00
~6 months ago, when I first installed msyslog, I exchanged some e-mails with the author. He couldn't find the source of the "problem", but here's an update:

1- Linux 2.4.19 (with kmod and devfs).
2- msyslog 1.09a.
3- Run configure as an user.
4- You should have the Subject in your logs.
5- sr_mod, scsi_mod, and cdrom modules are loaded.

Is it just me ? What always loads them when I run msyslog's configure ?

Not a problem, but it'd be nice to avoid it entirely.

08 Aug 2002 11:26 insert36

msyslog rocks!
I've been using modular syslog to backup all of the logs from all of my servers to a secure site. This tool makes watching all of the syslogs from my servers a very easy task! This project is great and deserves some praise! Cheers!

Jaa Matane,

Dylan

14 Mar 2002 17:00 leecr

msyslog not logging to MySQL Database
Yesterday I installed msyslog-1.08d-2 on RedHat Linux 7.1.

I installed the msyslog-1.08d-2.i386.rpm.

The msyslogd is logging to text files but not logging to the MYSQL database table.

Any ideas will be greatly appreciated. Additional information below:

Below is my syslog.conf file with user and password like <user> <password>:

# /etc/msyslog/msyslog.conf: configuration file for msyslogd.

#

# Msyslog uses a slightly different syntax than the old syslogd.

# See below and in /usr/share/doc/msyslog/examples for samples

# and documentation. See also the manpages for msyslog.conf(5),

# msyslogd(8), and the output modules: om_mysql(8), om_regex(8),

# om_pgsql(8), om_classic(8).

#

# The logfiles you specify with %classic must exist beforehand;

# they will not be auto-created.

*.* /dev/tty12

# Log all kernel messages to the console.

# Logging much else clutters up the screen.

kern.* %classic /dev/console

kern.* %classic /var/log/col

# Log anything (except mail) of level info or higher.

# Don't log private authentication messages!

*.info;mail.none;news.none;authpriv.none;cron.none %classic /var/log/messages

# The authpriv file has restricted access.

authpriv.* %classic /var/log/secure

# Log all the mail messages in one place.

mail.* %classic /var/log/maillog

# Log cron stuff

cron.* %classic /var/log/cron

# Everybody gets emergency messages, plus log them on another

# machine.

*.emerg %classic *

# Save mail and news errors of level err and higher in a

# special file.

uucp,news.crit %classic /var/log/spooler

# Save boot messages also to boot.log

local7.* %classic /var/log/boot.log

#

# INN

#

news.=crit %classic /var/log/news/news.crit

news.=err %classic /var/log/news/news.err

news.notice %classic /var/log/news/news.notice

# Logging to an SQL database. SECURITY ALERT. Since the mysql/postgresql

# passwords need to appear here, this file should not be world readable!

# ---

# Log to server logger.mydomain.edu through MySQL

*.* %classic /var/log/col

*.* %mysql -s localhost -u <user> -p <password> -d syslog -t syslogTB -F -P

#

# Log to server logger.mydomain.edu through MySQL, using DELAYED inserts

#*.* %mysql -D -s logger.mydomain.edu -u loguser -p loguserpassword -d syslogDB -t syslogTB

#

# Log to server logger.mydomain.edu thru PGSQL

#*.* %pgsql -s logger.mydomain.edu -u loguser -p loguserpassword -d syslogDB -t syslogTB

# Protect a log of classic module.

#auth.info %peo -l -k /var/lib/msyslog/.var.log.authlog.key %classic /var/log/authlog

The MYSQL DB name is syslog.

The Table name is syslogTB, below is the structure:

+----------+------------------+------+-----+---------+----------------+

| Field | Type | Null | Key | Default | Extra |

+----------+------------------+------+-----+---------+----------------+

| facility | varchar(10) | YES | | NULL | |

| priority | varchar(10) | YES | | NULL | |

| date | date | YES | | NULL | |

| time | time | YES | | NULL | |

| host | varchar(128) | YES | | NULL | |

| message | text | YES | | NULL | |

| seq | int(10) unsigned | | PRI | NULL | auto_increment |

+----------+------------------+------+-----+---------+----------------+

I have tested the user that is in the syslog.conf file and the user can insert into the syslogTB table.

Any ideas as to what is wrong will be appreciated.

Screenshot

Project Spotlight

ReciJournal

An open, cross-platform journaling program.

Screenshot

Project Spotlight

Veusz

A scientific plotting package.