Hello. I have downloaded and installed your version of the PHP front
end for syslog-ng.
The install went smoothly without any errors. Everything seems to be
running without issues; logrotation.php & reloadcache.php are in cron
and not producing any errors. The issue I am having is with searching
logs older logs outside of the current logs table. Below are a list of
the current logs:
[EMAIL PROTECTED] syslog]# ls -l logs200707*
-rw-rw---- 1 mysql mysql 8826 Jul 10 21:38 logs20070711.frm
-rw-rw---- 1 mysql mysql 265082432 Jul 12 18:19 logs20070711.MYD
-rw-rw---- 1 mysql mysql 95431680 Jul 13 00:00 logs20070711.MYI
-rw-rw---- 1 mysql mysql 8826 Jul 11 00:00 logs20070712.frm
-rw-rw---- 1 mysql mysql 1508356864 Jul 12 18:19 logs20070712.MYD
-rw-rw---- 1 mysql mysql 322771968 Jul 13 00:00 logs20070712.MYI
-rw-rw---- 1 mysql mysql 8826 Jul 12 00:00 logs20070713.frm
-rw-rw---- 1 mysql mysql 1674447160 Jul 13 00:01 logs20070713.MYD
-rw-rw---- 1 mysql mysql 358063104 Jul 13 00:08 logs20070713.MYI
The issue I am is with the SQL queries for the logs outside the current
table logs. If I do a search for a host in a previous day's log, I get
the following message:
No results found.
BACK TO SEARCH
The query is as follows:
SELECT SQL_CALC_FOUND_ROWS * FROM logs20070711 WHERE host in
('xxxxx.com') and datetime > '2007-07-13 00:00:00' ORDER BY datetime
DESC LIMIT 0, 100
The issue seems to be with the datetime portion. It is calling for a
date / time that is for the current day and not the 11th of July. Also
the entries in the table are for the 10th. Below is the query with the
datetime adjusted:
mysql> SELECT SQL_CALC_FOUND_ROWS * FROM logs20070711 WHERE host in
('xxx.com') and datetime < '2007-07-11 00:00:00' ORDER BY datetime
DESC LIMIT 0, 2 ;
+--------------------------+----------+----------+---------+------+---------------------+---------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------+
| host | facility | priority | level | tag |
datetime | program |
msg
| seq |
+--------------------------+----------+----------+---------+------+---------------------+---------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------+
| lxxx.com | local7 | warning | warning | bc | 2007-07-10 23:59:21
| Jul | Jul 10 2007 23:59:21 xxx.com : %FWSM-4-106023: Deny icmp src
outside:61.211.179.67 dst vlan17:1.1.1.1 (type 3, code 3) by
access-group "outside" [0x0, 0x0] | 1233429 |
| xxx.com | local7 | warning | warning | bc | 2007-07-10 23:59:21 |
Jul | Jul 10 2007 23:59:21 xxx.com : %FWSM-4-106023: Deny icmp src
outside:61.211.179.67 dst vlan17:1.1.1.1 (type 3, code 3) by
access-group "outside" [0x0, 0x0] | 1233430 |
+--------------------------+----------+----------+---------+------+---------------------+---------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------+
2 rows in set (2.00 sec)
I am not sure if anyone else has reported this issue or not. I have
Google'd this to death and I am not seeing any other folks with this
error. Any thought? Thanks in advance.
-Patrick
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Php-syslog-ng-support mailing list
Php-syslog-ng-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/php-syslog-ng-support
