Hi I log the maillog to a mysql table using syslog-ng. I could split up the below line to time,date,host,msg (time,date,host are missing in this example - only msg is visible).
spamd[29483]: result: Y 3 - FORGED_RCVD_HELO,MISSING_MIMEOLE,NO_RDNS2,SMILEY,VOWEL_FROM_7 scantime=0.4,size=2439,mid=<[EMAIL PROTECTED]>, autolearn=no now I got this error "ERROR 1054 (42S22) at line 45: Unknown column 'result' in 'field list'" when logging to syslog-ng, MySQL respectively. The question I have is, how can I split up the fields? I expecially need the spam description (FORGED_RCVD_HELO,MISSING_MIMEOLE,NO_RDNS2,SMILEY,VOWEL_FROM_7) in a single column. how do I have to split this up? what is the delimiter? thank you Philipp
