[rsyslog-notify] Forum Thread: Join messages by DeviceReportedTime - (Mode 'post')
noreply at adiscon.com
noreply at adiscon.com
Fri Jan 31 01:39:22 CET 2014
User: daczone
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24156#p24156
Message:
----------
I'm trying to figure out to get multiple line messages into a single
message.
If you take a look at my messages, one contains a username followed by the
ip address. Making for a difficult time searching vi SQL.
mysql> SELECT message FROM SystemEvents where DeviceReportedTime LIKE
"%2014-01-30 15:53:39%";
+---------------------------------------------------------------------------------------------+
| message
|
+---------------------------------------------------------------------------------------------+
| Jan 30 15:53:44.129 PST: RADIUS: Framed-IP-Address [8] 6
68.126.78.194 |
| Jan 30 15:53:44.129 PST: RADIUS: User-Name [1] 12
"username" |
+---------------------------------------------------------------------------------------------+
2 rows in set, 1 warning (0.85 sec)
I'd like to join them before sending to SQL, but not quite sure how to go
about this.
joining by timegenerated, timereported would probably work.
Thank You in Advance!
More information about the rsyslog-notify
mailing list