Syslog-Server: Stores syslog-lines in a DBM (TC) (It is not a SyslogDaemon)
Find a file
Denis Knauf 0621370cec --
2011-07-15 10:03:38 +02:00
bin file-queue 2011-06-08 22:51:40 +02:00
lib -- 2011-07-15 10:03:38 +02:00
AUTHORS little changes: metafiles 2010-03-20 23:28:09 +01:00
LICENSE license added 2010-01-30 15:09:00 +01:00
Rakefile little changes: metafiles 2010-03-20 23:28:09 +01:00
README.md README: tc 2011-06-08 22:59:25 +02:00
VERSION file-queue 2011-06-08 22:51:40 +02:00

Dependencies

System

  • ruby >= 1.9 (tested: 1.9.1, untested: 1.8 (maybe compatible))
  • tokyocabinet
  • rufus-tokyo

Debian/Ubuntu:

# aptitude ruby1.9.1 ruby1.9.1-dev rubygems1.9.1 libtokyocabinet-dev libtokyotyrant-dev

If you've installed ruby1.8 (yet), you should run ruby1.9.1 instead ruby and gem1.9.1 instead gem. Change shebash in s2l.rb to

#!/usr/bin/ruby1.9.1

or

#!/usr/bin/env ruby1.9.1

Ruby Gems

You should install dk-bdb manualy:

# gem install rufus-tokyo

Every other dependencies will be installed automaticaly, if you install syslog2logan via gem.

Install

# gem install syslog2logan

Usage

First you should know, the database environments are in this directory, where you call s2l.rb. You must use this directory for logan itself too! Don't use this directory for anything else.

Start

Simple on Ubuntu:

# /var/lib/gems/1.9*/gems/syslog2logan-*/bin/s2l.rb

Deamonized:

# sh -c 'nohup PATHTO/s2l.rb </dev/null >/dev/null 2>&1 &' &

Use it

Your Syslog-server should send everythin via tcp to port 1514. UDP and TLS aren't possible yet. If you want to use any of these, you can proxy it via a local syslog-ng.

syslog-ng

You need these lines:

source s_server {
	unix-stream( "/dev/log" max-connections(100));
	# internal(); # Statistics about dests.  It's unimportant for LogAn.
	file( "/proc/kmsg");
};

destination d_server {
	tcp( "SyslogServer.example.org" port (1514));
};

log {
	source( s_server);
	destination( d_server);
};

rsyslog

I don't know. Please tell me, how to use.