diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2011-02-25 13:06:20 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2011-02-25 13:23:32 +0100 |
commit | 869f1640e807f1fda4c410fe517d1aa8d74af6cf (patch) | |
tree | a6a00b9f3b09fa579ce9388cebcacf389105bad4 /ulogd.conf.in | |
parent | 8f7bb61fc97ddea2f9601f51cbccdde18bcf11fd (diff) |
sqlite3: add configuration examples and new tables layout
This patch adds two configuration examples for sqlite3 to log
flows and packets.
We use two tables, one for packet logging information, and
another for flow-based information.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'ulogd.conf.in')
-rw-r--r-- | ulogd.conf.in | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/ulogd.conf.in b/ulogd.conf.in index d944c92..b7b714b 100644 --- a/ulogd.conf.in +++ b/ulogd.conf.in @@ -39,6 +39,7 @@ plugin="@pkglibexecdir@/ulogd_filter_PRINTFLOW.so" plugin="@pkglibexecdir@/ulogd_output_LOGEMU.so" plugin="@pkglibexecdir@/ulogd_output_SYSLOG.so" plugin="@pkglibexecdir@/ulogd_output_XML.so" +#plugin="@pkglibexecdir@/ulogd_output_SQLITE3.so" #plugin="@pkglibexecdir@/ulogd_output_OPRINT.so" #plugin="@pkglibexecdir@/ulogd_output_NACCT.so" #plugin="@pkglibexecdir@/ulogd_output_PCAP.so" @@ -95,6 +96,11 @@ plugin="@pkglibexecdir@/ulogd_raw2packet_BASE.so" # this is a stack for flow-based logging to PGSQL without local hash #stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL +# this is a stack for flow-based logging to SQLITE3 +#stack=ct1:NFCT,sqlite3_ct:SQLITE3 + +# this is a stack for logging packet to SQLITE3 +#stack=log1:NFLOG,sqlite3_pkt:SQLITE3 # this is a stack for flow-based logging in NACCT compatible format #stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT @@ -216,6 +222,16 @@ table="ulog" pass="ulog2" procedure="INSERT_PACKET_FULL" +[sqlite3_ct] +table="ulog_ct" +db="/var/log/ulogd.sqlite3db" +buffer=200 + +[sqlite3_pkt] +table="ulog_pkt" +db="/var/log/ulogd.sqlite3db" +buffer=200 + [sys2] facility=LOG_LOCAL2 |