I am trying to log remote events to a mysql db sitting on a central rsyslog server (v5.10.1-0.7.49 - This is the default version in SLES11sp3). I have tried logging to a file and that works:
:fromhost-ip, isequal, "147.110.250.217" /var/log/remotefile
& ~
But when I try to change it to a mysql db it fails with a syntax error:
:fromhost-ip, isequal, "x.x.x.x":ommysql:localhost,Syslog,user,pwd
& ~
Error:
Feb 20 11:16:27 idm-syslog rsyslogd: the last error occured in /etc/rsyslog.conf, line 61:":fromhost-ip, isequal, "147.110.250.217" :ommysql:localhost,Syslog,rsyslog,identity" Feb 20 11:16:27 idm-syslog rsyslogd-2124: CONFIG ERROR: could not interpret master config file '/etc/rsyslog.conf'. [try http://www.rsyslog.com/e/2124 ]
Ultimately, I would like to log both to file and mysql, can I do this in a single command or must I use multiple ones ?
Thanks
