[rsyslog] rsyslog + mysql + base(snort)
Ralph Crongeyer
ralph at crongeyer.com
Sun Mar 28 17:54:21 CEST 2010
All,
I would like to try to have a setup like this. Have Snort log to
rsyslog and then have rsyslog log to a mysql Base schema database.
I know that people use Barnyard and/or Barnyard2 for this setup to
offload the writing to mysql to barnyard so that barnyard could receive
snort logs and spool them if necessary before writing to mysql should
mysql not be able to keep up.
It seems to me that rsyslog's spooling capability could eliminate the
need for barnyard.
How would one go about applying a (for lack of better words) particular
database schema so that rsyslog could write to the base database?
Does anyone have any thoughts on this?
Thanks,
Ralph
--
Reminds me of my expedition into the wilds of Afghanistan. We lost our
corkscrew and were compelled to live on food and water for several days. -
WC Fields