• Back to Project

Comments for Modular syslog

query: msyslog
hai,
i have installed msyslog in my system but i am not able to log messages. i am not able to understand of how to use msyslog. can u please help me in configuring msyslog.
please send me the instructions of how to use msyslog.

waiting for ur reply

sai.

mailid: saireddyt@yahoo.com

Re: I can't get msyslog to dump to mysql database
I followed all the step to set up msyslog. I can't get it to log to mysql database. I think it has to do with om_mysql. Here's my log. I also made sure I have libmysqlclient. Can anyone help??

Sep 11 17:38:58 scanman msyslog: msyslogd shutdown succeeded
Sep 11 19:13:51 scanman sshd(pam_unix)[25553]: session opened for user root by (uid=0)
Sep 11 19:15:42 scanman sshd(pam_unix)[25553]: session opened for user root by (uid=0)
Sep 11 19:25:32 scanman syslogd: exiting on signal 1
Sep 11 19:25:33 scanman.okstate.edu syslogd: restart
Sep 11 19:25:33 scanman.okstate.edu msyslogd: syslogd: WARNING error on input module, ignoring om_mysql
Sep 11 19:25:33 scanman.okstate.edu msyslog: msyslogd startup succeeded
Sep 11 19:25:33 scanman.okstate.edu msyslog: msyslogd shutdown succeeded
Sep 11 19:13:51 scanman sshd[25553]: Accepted password for root from 10.120.1.114 port 2404 ssh2

Re: msyslog rocks!

> I've been using modular syslog to backup
> all of the logs from all of my servers
> to a secure site. This tool makes
> watching all of the syslogs from my
> servers a very easy task! This project
> is great and deserves some praise!
> Cheers!
>
> Jaa Matane,
>
> Dylan

I wonder if u could give me some detail config about
msyslog. eg. mysql.msyslog.conf.etc...

I prefer syslog-ng for SQL
I found this project trying to find a way to direct
syslog messages to an SQL database. For me,
msyslog was frustrating to configure and use.

Then I found syslog-ng and I was able to get it
working with little hassle. Directing to a SQL
database is as easy as writing a script to read a
pipe and have syslog direct messages to a pipe.
See the syslog documentation about the pipe
destination and use the template option.

Re: msyslog not logging to MySQL Database
"ln -s libmysqlclient.so mysql/libmysqlclient.so"
in /usr/lib to solve this problem...

mailing lists
please request support on the mailing lists. we can't track every place of messages in the net.

and thanks for using msyslog!

Re: kernel: SCSI subsystem driver Revision: 1.00

hi,
Could you mail this to the list again?
I regained control over msyslog recently.

Thanks

kernel: SCSI subsystem driver Revision: 1.00
~6 months ago, when I first installed msyslog, I exchanged some e-mails with the author. He couldn't find the source of the "problem", but here's an update:

1- Linux 2.4.19 (with kmod and devfs).
2- msyslog 1.09a.
3- Run configure as an user.
4- You should have the Subject in your logs.
5- sr_mod, scsi_mod, and cdrom modules are loaded.

Is it just me ? What always loads them when I run msyslog's configure ?

Not a problem, but it'd be nice to avoid it entirely.

msyslog rocks!
I've been using modular syslog to backup all of the logs from all of my servers to a secure site. This tool makes watching all of the syslogs from my servers a very easy task! This project is great and deserves some praise! Cheers!

Jaa Matane,

Dylan

msyslog not logging to MySQL Database
Yesterday I installed msyslog-1.08d-2 on RedHat Linux 7.1.

I installed the msyslog-1.08d-2.i386.rpm.

The msyslogd is logging to text files but not logging to the MYSQL database table.

Any ideas will be greatly appreciated. Additional information below:

Below is my syslog.conf file with user and password like <user> <password>:

# /etc/msyslog/msyslog.conf: configuration file for msyslogd.

#

# Msyslog uses a slightly different syntax than the old syslogd.

# See below and in /usr/share/doc/msyslog/examples for samples

# and documentation. See also the manpages for msyslog.conf(5),

# msyslogd(8), and the output modules: om_mysql(8), om_regex(8),

# om_pgsql(8), om_classic(8).

#

# The logfiles you specify with %classic must exist beforehand;

# they will not be auto-created.

*.* /dev/tty12

# Log all kernel messages to the console.

# Logging much else clutters up the screen.

kern.* %classic /dev/console

kern.* %classic /var/log/col

# Log anything (except mail) of level info or higher.

# Don't log private authentication messages!

*.info;mail.none;news.none;authpriv.none;cron.none %classic /var/log/messages

# The authpriv file has restricted access.

authpriv.* %classic /var/log/secure

# Log all the mail messages in one place.

mail.* %classic /var/log/maillog

# Log cron stuff

cron.* %classic /var/log/cron

# Everybody gets emergency messages, plus log them on another

# machine.

*.emerg %classic *

# Save mail and news errors of level err and higher in a

# special file.

uucp,news.crit %classic /var/log/spooler

# Save boot messages also to boot.log

local7.* %classic /var/log/boot.log

#

# INN

#

news.=crit %classic /var/log/news/news.crit

news.=err %classic /var/log/news/news.err

news.notice %classic /var/log/news/news.notice

# Logging to an SQL database. SECURITY ALERT. Since the mysql/postgresql

# passwords need to appear here, this file should not be world readable!

# ---

# Log to server logger.mydomain.edu through MySQL

*.* %classic /var/log/col

*.* %mysql -s localhost -u <user> -p <password> -d syslog -t syslogTB -F -P

#

# Log to server logger.mydomain.edu through MySQL, using DELAYED inserts

#*.* %mysql -D -s logger.mydomain.edu -u loguser -p loguserpassword -d syslogDB -t syslogTB

#

# Log to server logger.mydomain.edu thru PGSQL

#*.* %pgsql -s logger.mydomain.edu -u loguser -p loguserpassword -d syslogDB -t syslogTB

# Protect a log of classic module.

#auth.info %peo -l -k /var/lib/msyslog/.var.log.authlog.key %classic /var/log/authlog

The MYSQL DB name is syslog.

The Table name is syslogTB, below is the structure:

+----------+------------------+------+-----+---------+----------------+

| Field | Type | Null | Key | Default | Extra |

+----------+------------------+------+-----+---------+----------------+

| facility | varchar(10) | YES | | NULL | |

| priority | varchar(10) | YES | | NULL | |

| date | date | YES | | NULL | |

| time | time | YES | | NULL | |

| host | varchar(128) | YES | | NULL | |

| message | text | YES | | NULL | |

| seq | int(10) unsigned | | PRI | NULL | auto_increment |

+----------+------------------+------+-----+---------+----------------+

I have tested the user that is in the syslog.conf file and the user can insert into the syslogTB table.

Any ideas as to what is wrong will be appreciated.