syslog 로그 메세지 MySQL DB 기록

1. MySQL DB 생성

CREATE DATABASE syslog;

USE syslog;

CREATE TABLE SystemEvents
(
        ID int unsigned not null auto_increment primary key,
        CustomerID bigint,
        ReceivedAt datetime NULL,
        DeviceReportedTime datetime NULL,
        Facility smallint NULL,
        Priority smallint NULL,
        FromHost varchar(60) NULL,
        Message text,
        NTSeverity int NULL,
        Importance int NULL,
        EventSource varchar(60),
        EventUser varchar(60) NULL,
        EventCategory int NULL,
        EventID int NULL,

        EventBinaryData text NULL,
        MaxAvailable int NULL,
        CurrUsage int NULL,
        MinUsage int NULL,
        MaxUsage int NULL,
        InfoUnitID int NULL ,
        SysLogTag varchar(60),
        EventLogType varchar(60),
        GenericFileName VarChar(60),
        SystemID int NULL
);

CREATE TABLE SystemEventsProperties
(
        ID int unsigned not null auto_increment primary key,
        SystemEventID int NULL ,
        ParamName varchar(255) NULL ,
        ParamValue text NULL
);

2. rsyslog 설정

# vi /etc/rsyslog.conf
$ModLoad ommysql.so
*.*     :ommysql:127.0.0.1,sSyslog,root,ab03251f

3. rsyslog 재시작

# service rsyslog restart

4. error message 발생

Apr 16 21:20:26 localhost rsyslogd-2066: could not load module '/usr/lib/rsyslog/ommysql.so', dlopen: /usr/lib/rsyslog/ommysql.so: invalid ELF header

5. rsyslog-mysql 설치

# rpm -qa rsyslog-mysql //패키지 설치 유무확인
# yum install rsyslog-mysql

6. rsyslog 재시작

# service rsyslog restart

 

출처 : http://blog.naver.com/sera29