

04.01.2015 09:55

Syslog

  • obsah souboru syslog.conf
# One file per priority, for all facilities.
# NOTE(review): in classic syslogd a "facility.level" selector also matches
# every higher priority, so prio-debug.log would receive everything and the
# files overlap - confirm against the syslogd in use.
*.debug         /var/log/syslog/prio-debug.log
*.info          /var/log/syslog/prio-info.log
*.notice        /var/log/syslog/prio-notice.log
*.warning       /var/log/syslog/prio-warning.log
*.err           /var/log/syslog/prio-err.log
*.crit          /var/log/syslog/prio-crit.log
*.alert         /var/log/syslog/prio-alert.log
*.emerg         /var/log/syslog/prio-emerg.log

# One file per facility, all priorities.
# auth.* carries authentication messages; keep sys-auth.log (and the prio-*
# files, which receive the same messages) readable by administrators only.
auth.*          /var/log/syslog/sys-auth.log
cron.*          /var/log/syslog/sys-cron.log
kern.*          /var/log/syslog/sys-kern.log
mail.*          /var/log/syslog/sys-mail.log
syslog.*        /var/log/syslog/sys-syslog.log
  • nastavit logrotate.d
# Rotation rule for every file written by the syslog.conf above.
# No frequency, rotate count, compress or create directive is set here, so
# those values come from the global logrotate configuration.
/var/log/syslog/*.log {
    # Run the postrotate script once for the whole set, not once per file.
    sharedscripts
    postrotate
	# Send HUP to syslogd so it reopens its log files after rotation.
	# A missing pid file or a failed kill is silenced on purpose
	# (2>/dev/null, || true), so a rotation run never reports an error here.
	/bin/kill -HUP `cat /var/run/syslogd.pid 2>/dev/null` 2>/dev/null || true
    endscript
}

Syslog-ng

Instalace

  • nainstalovat eventlog
    ./configure --prefix=/usr/local/eventlog
    make
    make install
  • nastavit proměnnou prostředí: export PKG_CONFIG_PATH=/usr/local/eventlog/lib/pkgconfig
  • zkompilovat syslog-ng
    ./configure --prefix=/usr/local --sysconfdir=/etc/syslog-ng
    make
    make install

Konfigurace

# Global options.
# use_dns(no) / use_fqdn(no): no name resolution for senders, so logging does
# not depend on (or wait for) DNS.
# keep_hostname(yes): the host name carried inside the message is kept as-is.
# With a UDP source that value is chosen by the sender, so treat the stored
# host column as unverified data.
# create_dirs(no): missing destination directories are not created.
options { sync (0);
          time_reopen (10);
          log_fifo_size (1000);
          long_hostnames (off);
          use_dns (no);
          use_fqdn (no);
          create_dirs (no);
          keep_hostname (yes);
        };


# Network input: UDP port 514 on every IPv4 address of the host.
# UDP syslog is unauthenticated and unencrypted and the source address can be
# forged; limit who can reach this port with a firewall rule, or bind ip() to
# the management interface instead of 0.0.0.0.
source s_udp {
    udp(ip("0.0.0.0") port(514));
};

# Writes one SQL INSERT statement per message into a named pipe. A separate
# reader has to open exactly this path and feed the statements to mysql.
# template-escape(yes) escapes quote characters in the macro values; it is
# what keeps a quote inside a log message from ending the SQL string literal,
# so it must stay enabled. NOTE(review): confirm that this escaping covers
# everything the target MySQL server treats specially inside '...' literals.
destination d_mysql {
   pipe("/var/log/mysql.pipe"
     template("INSERT INTO logs
               (host, facility, priority, level, tag, datetime, program, msg)
                VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC',
                '$PROGRAM', '$MSG' );\n") template-escape(yes));
};

# Everything received over UDP goes to the MySQL pipe; no filter is applied.
log {
    source(s_udp);
    destination(d_mysql);
};

init.d

#!/bin/bash
#
# syslog-ng
#
#
# chkconfig: - 12 88
# description: Syslog is the facility by which many daemons use to log \
#     messages to various system log files.  It is a good idea to always \
#     run syslog.
#

# Load the distribution's init helper library; daemon, killproc and status
# used below are expected to come from it.
. /etc/init.d/functions

PROG="syslog-ng"
PROG_DESC="syslog-ng"

# Without the daemon binary there is nothing to manage: leave quietly.
# NOTE(review): the build steps on this page use --prefix=/usr/local, which
# would normally install the binary under /usr/local/sbin - confirm that
# /sbin/syslog-ng exists, otherwise every action is a silent no-op.
if [ ! -f "/sbin/$PROG" ]; then
        exit 0
fi

# Optional local settings. The file is executed with this script's
# privileges, so it should be writable by root only.
if [ ! -f "/etc/sysconfig/$PROG" ]; then
        SYSLOGNG_OPTIONS=""
else
        . "/etc/sysconfig/$PROG"
fi

RETVAL=0

# Owner-only default permissions for anything created from here on,
# including by the daemon started below (unless it sets its own modes).
umask 077

# Start the daemon and, on success, create the subsys lock file.
# Globals:  PROG, PROG_DESC, SYSLOGNG_OPTIONS (read); RETVAL (written)
# Returns:  the exit status of the daemon helper
start() {
        printf '%s' $"Starting $PROG_DESC: "
        RETVAL=0
        # SYSLOGNG_OPTIONS stays unquoted so that several options split into
        # separate arguments.
        daemon $PROG $SYSLOGNG_OPTIONS || RETVAL=$?
        echo
        # The lock file is what condrestart checks to see whether the
        # service was started through this script.
        if [ "$RETVAL" -eq 0 ]; then
                touch "/var/lock/subsys/$PROG"
        fi
        return "$RETVAL"
}
# Stop the daemon and, on success, remove the subsys lock file.
# Globals:  PROG, PROG_DESC (read); RETVAL (written)
# Returns:  the exit status of the killproc helper
stop() {
        printf '%s' $"Shutting down $PROG_DESC: "
        RETVAL=0
        killproc $PROG || RETVAL=$?
        echo
        # Keep the lock file when the stop failed, so condrestart still
        # considers the service as started.
        if [ "$RETVAL" -eq 0 ]; then
                rm -f "/var/lock/subsys/$PROG"
        fi
        return "$RETVAL"
}
# Report whether the daemon is running by delegating to the status helper.
# Globals:  PROG (read)
# Returns:  whatever the status helper returns
rhstatus() {
        status "$PROG"
}
# Stop, then start. The result of stop is not checked, so a service that was
# not running is still started.
# Returns:  the exit status of start
restart() {
        stop
        start
        return $?
}

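# Dispatch on the requested action; the script's exit status is the status
# of the action that ran.
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  status)
        rhstatus
        ;;
  restart|reload)
        # No in-place reload is implemented: reload is a full stop/start.
        restart
        ;;
  condrestart)
        # Restart only when the lock file shows the service was started by
        # this script. A plain if is used instead of `test && restart || :`
        # so that a failed restart is reported to the caller rather than
        # being turned into success.
        if [ -f "/var/lock/subsys/$PROG" ]; then
                restart
        fi
        ;;
  *)
        # reload is accepted above, so it is listed here as well.
        echo $"Usage: $0 {start|stop|status|restart|reload|condrestart}"
        exit 1
        ;;
esac

exit $?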

mysql.pipe

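#!/bin/bash
#
# Created by Tadghe Patrick Danu
#
# Drains the named pipe that syslog-ng writes its INSERT statements to and
# feeds them to the mysql client. mysql exits whenever the writer closes the
# pipe, so the loop reopens it each time.
#
# Changes against the original listing:
#   - the shebang is on the first line (it is ignored anywhere else);
#   - the pipe is created when missing AND then read, instead of the script
#     exiting right after mkfifo;
#   - the pipe path matches pipe() in the syslog-ng d_mysql destination;
#   - the database password is no longer passed on the command line.

# Must be the same path as pipe() in the syslog-ng configuration.
# It is kept out of /tmp: that directory is world-writable, so another local
# user could create the path first and decide what is executed as SQL.
PIPE=/var/log/mysql.pipe

# Option file with the [client] user= and password= entries, so the password
# never shows up in the process list. The path is a constructed example; keep
# the file owned by the account running this script, mode 0600.
MYSQL_DEFAULTS=/etc/syslog-ng/mysql-client.cnf

if [ ! -p "$PIPE" ]; then
    # Anything else at that path (regular file, symlink target) is not ours.
    if [ -e "$PIPE" ]; then
        echo "$PIPE exists but is not a named pipe; refusing to use it" >&2
        exit 1
    fi
    # Owner-only access. NOTE(review): this assumes syslog-ng and this script
    # run under the same account - adjust the mode if they do not.
    mkfifo -m 600 "$PIPE" || exit 1
fi

while [ -p "$PIPE" ]; do
    # --defaults-extra-file has to be the first option on the command line.
    # The sleep keeps a failing client (server down, bad credentials) from
    # spinning in a tight loop.
    mysql --defaults-extra-file="$MYSQL_DEFAULTS" syslogdb < "$PIPE" || sleep 1
done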