From fe94c67310a33ae703609384b896c8837765dcb2 Mon Sep 17 00:00:00 2001 From: laforge Date: Wed, 9 Feb 2005 17:19:34 +0000 Subject: add documentation about sqlite3 and SYSLOG --- ulogd/doc/ulogd.sgml | 63 ++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 56 insertions(+), 7 deletions(-) diff --git a/ulogd/doc/ulogd.sgml b/ulogd/doc/ulogd.sgml index 73bb462..6748ed8 100644 --- a/ulogd/doc/ulogd.sgml +++ b/ulogd/doc/ulogd.sgml @@ -1,17 +1,17 @@ - +
ULOGD - the Userspace Logging Daemon Harald Welte <laforge@gnumonks.org> -Revision $Revision: 1.9 $, $Date: 2003/08/23 17:52:37 $ +Revision $Revision$, $Date$ This is the documentation for ulogd, the Userspace logging daemon. ulogd makes use of the Linux >= 2.4.x packet filter subsystem (iptables) and -the ULOG target for iptables +the ULOG target for iptables. @@ -316,6 +316,8 @@ Name of the table to which ulogd should log Name of the mysql database host Name of the mysql database host +port +TCP port number of mysql database server user Name of the mysql user pass @@ -329,7 +331,7 @@ if you have the mysql libraries installed, and the configure script was able to detect them. (that is: --with-pgsql was specified for ./configure)

The plugin automagically inserts the data into the configured table; It -connects to mysql during the startup phase of ulogd and obtains a list of the +connects to pgsql during the startup phase of ulogd and obtains a list of the columns in the table. Then it tries to resolve the column names against keys of interpreter plugins. This way you can easly select which information you want to log - just by the layout of the table.

@@ -347,13 +349,15 @@ The module defines the following configuration directives: table Name of the table to which ulogd should log db -Name of the mysql database +Name of the database host Name of the mysql database host +port +TCP port number of database server user -Name of the mysql user +Name of the sql user pass -Password for mysql +Password for sql user ulogd_PCAP.so @@ -373,6 +377,51 @@ synchronously. This may reduce performance, but makes your packets appear immediately in the file on disk. The default is 0 +ulogd_SQLITE3.so +

+An output plugin for logging into a SQLITE v3 database. This is only compiled +if you have the sqlite libraries installed, and the configure script was able to +detect them. (that is: --with-sqlite3 was specified for ./configure)

+ +The plugin automagically inserts the data into the configured table; It +opens the sqlite db during the startup phase of ulogd and obtains a list of the +columns in the table. Then it tries to resolve the column names against keys of +interpreter plugins. This way you can easly select which information you want +to log - just by the layout of the table.

+ +If, for example, your table contains a field called 'ip_saddr', ulogd will +resolve this against the key 'ip.saddr' and put the ip address as 32bit +unsigned integer into the table.

+ +You may want to have a look at the file 'doc/sqlite3.table' as an +example table including fields to log all keys from ulogd_BASE.so. Just delete +the fields you are not interested in, and create the table.

+ +The module defines the following configuration directives: + +table +Name of the table to which ulogd should log +db +Name of the database +buffer +Size of the sqlite buffer + + + +ulogd_SYSLOG.so +

+An output plugin that really logs via syslogd. Lines will look exactly like printed with traditional LOG target. +

+

+The module defines the following configuration directives: + +facility +The syslog facility (LOG_DAEMON, LOG_KERN, LOG_LOCAL0 .. LOG_LOCAL7, LOG_USER) +level +The syslog level (LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, LOG_DEBUG) + + + QUESTIONS / COMMENTS

All comments / questions / ... are appreciated. -- cgit v1.2.3