syslog2logan/README.md

Dependencies
============

System
------

* ruby >= 1.9 (tested: 1.9.1,  untested: 1.8 (maybe compatible))
* tokyocabinet

### Debian/Ubuntu:

	# aptitude ruby1.9.1 ruby1.9.1-dev rubygems1.9.1 libtokyocabinet-dev libtokyotyrant-dev

If you've installed ruby1.8 (yet),  you should run ruby1.9.1 instead ruby and
gem1.9.1 instead gem.
Change shebash in s2l.rb to

	#!/usr/bin/ruby1.9.1

or

	#!/usr/bin/env ruby1.9.1

Install
=======

	# gem install syslog2logan

Usage
=====

First you should know,  the database environments are in *this* directory,
where you call *s2l.rb*.  You must use this directory for logan itself too!
Don't use this directory for anything else.

Start
-----

Simple on Ubuntu:

	# /var/lib/gems/1.9*/gems/syslog2logan-*/bin/s2l.rb

Deamonized:

	# sh -c 'nohup PATHTO/s2l.rb </dev/null >/dev/null 2>&1 &' &

Use it
------

Your Syslog-server should send everythin via tcp to port 1514.
UDP and TLS aren't possible yet.
If you want to use any of these,  you can proxy it via a local syslog-ng.

### syslog-ng

You need these lines:

	source s_server {
		unix-stream( "/dev/log" max-connections(100));
		# internal(); # Statistics about dests.  It's unimportant for LogAn.
		file( "/proc/kmsg");
	};
	
	destination d_server {
		tcp( "SyslogServer.example.org" port (1514));
	};
	
	log {
		source( s_server);
		destination( d_server);
	};

### rsyslog

I don't know.  Please tell me,  how to use.
README: in markdown 2010-02-07 18:11:06 +01:00			`Dependencies`
			`============`

			`System`
			`------`

			`* ruby >= 1.9 (tested: 1.9.1, untested: 1.8 (maybe compatible))`
README: tc 2011-06-08 22:59:25 +02:00			`* tokyocabinet`
README: in markdown 2010-02-07 18:11:06 +01:00
README: in markdown 2010-02-07 18:13:14 +01:00			`### Debian/Ubuntu:`
README: in markdown 2010-02-07 18:11:06 +01:00
README: tc 2011-06-08 22:59:25 +02:00			`# aptitude ruby1.9.1 ruby1.9.1-dev rubygems1.9.1 libtokyocabinet-dev libtokyotyrant-dev`
README: in markdown 2010-02-07 18:11:06 +01:00
more readme 2010-03-17 13:27:28 +01:00			`If you've installed ruby1.8 (yet), you should run ruby1.9.1 instead ruby and`
README: in markdown 2010-02-07 18:11:06 +01:00			`gem1.9.1 instead gem.`
			`Change shebash in s2l.rb to`

			`#!/usr/bin/ruby1.9.1`

more readme 2010-03-17 13:27:28 +01:00			`or`

			`#!/usr/bin/env ruby1.9.1`
README: in markdown 2010-02-07 18:11:06 +01:00
			`Install`
			`=======`

more readme 2010-03-17 13:27:28 +01:00			`# gem install syslog2logan`
README: in markdown 2010-02-07 18:11:06 +01:00
			`Usage`
			`=====`

more readme 2010-03-17 13:27:28 +01:00			`First you should know, the database environments are in this directory,`
			`where you call s2l.rb. You must use this directory for logan itself too!`
			`Don't use this directory for anything else.`

README: in markdown 2010-02-07 18:11:06 +01:00			`Start`
			`-----`

more readme 2010-03-17 13:27:28 +01:00			`Simple on Ubuntu:`
README: in markdown 2010-02-07 18:11:06 +01:00
more readme 2010-03-17 13:27:28 +01:00			`# /var/lib/gems/1.9/gems/syslog2logan-/bin/s2l.rb`
README: in markdown 2010-02-07 18:11:06 +01:00
more readme 2010-03-17 13:27:28 +01:00			`Deamonized:`
README: in markdown 2010-02-07 18:11:06 +01:00
more readme 2010-03-17 13:27:28 +01:00			`# sh -c 'nohup PATHTO/s2l.rb </dev/null >/dev/null 2>&1 &' &`
README: in markdown 2010-02-07 18:11:06 +01:00
			`Use it`
			`------`

			`Your Syslog-server should send everythin via tcp to port 1514.`
			`UDP and TLS aren't possible yet.`
			`If you want to use any of these, you can proxy it via a local syslog-ng.`

README: in markdown 2010-02-07 18:13:14 +01:00			`### syslog-ng`
README: in markdown 2010-02-07 18:11:06 +01:00
			`You need these lines:`

			`source s_server {`
			`unix-stream( "/dev/log" max-connections(100));`
more readme 2010-03-17 13:27:28 +01:00			`# internal(); # Statistics about dests. It's unimportant for LogAn.`
README: in markdown 2010-02-07 18:11:06 +01:00			`file( "/proc/kmsg");`
			`};`

			`destination d_server {`
			`tcp( "SyslogServer.example.org" port (1514));`
			`};`

			`log {`
			`source( s_server);`
			`destination( d_server);`
			`};`

README: in markdown 2010-02-07 18:13:14 +01:00			`### rsyslog`
README: in markdown 2010-02-07 18:11:06 +01:00
more readme 2010-03-17 13:27:28 +01:00			`I don't know. Please tell me, how to use.`