[rsyslog-notify] Forum Thread: Rsyslog to MySql (UBUNTU) - (Mode 'post')

noreply at adiscon.com noreply at adiscon.com
Tue Feb 23 15:32:32 CET 2016 

User: cornelp 
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26359#p26359

Message: 
----------
Hello. So Im trying to get rsyslog to send all logs to MySQL database, so
that I can show the data thru LogAnalyzer.
LogAnalyzer works properly, as I can see the start and stop of rsyslog
details. 
My problem is with rsyslog to MySQL. I don't think it sends the logs to the
database, cause when I try to query the database, it only shows the start
and stop log from rsyslog, nothing else. I have 4 Cisco devices pointing
its logs to my rsyslog server but no data is shown in the database.
Here is what I have:

rsysloc.conf in /etc/ folder:
#  /etc/rsyslog.conf    Configuration file for rsyslog.
#
#                       For more information see
#                       /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
#  Default logging rules can be found in /etc/rsyslog.d/50-default.conf


#################
#### MODULES ####
#################

#$ModLoad imuxsock # provides support for local system logging
#$ModLoad imklog   # provides kernel logging support
#$ModLoad immark  # provides --MARK-- message capability

# provides UDP syslog reception
#$ModLoad ommysql
#$ModLoad imudp
#$UDPServerRun 514

# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514

# Enable non-kernel facility klog messages
$KLogPermitNonKernelFacility on

###########################
#### GLOBAL DIRECTIVES ####
###########################

#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# Filter duplicated messages
$RepeatedMsgReduction on

#
# Set the default permissions for all log files.
#
#$FileOwner syslog
#$FileGroup adm
#$FileCreateMode 0640
#$DirCreateMode 0755
#$Umask 0022
#$PrivDropToUser syslog
#$PrivDropToGroup syslog

#
# Where to place spool and state files
#
#$WorkDirectory /var/spool/rsyslog

#

MySQL.conf file under /etc/rsysog.d/ folder
### Configuration file for rsyslog-mysql
### Changes are preserved

$ModLoad ommysql
*.* :ommysql:192.168.10.1,Syslog,sysloguser,Password1

What am I missing besides these config files? Am I supposed to edit any
other file or????
Thanks...

More information about the rsyslog-notify mailing list