While logging to a database back-end has its benefits, the setup as it stands leaves us wanting. Some applications, such as Apache, do not log via syslog-ng by default. The good news is that this can be easily remedied, and there are a couple of different ways of doing this. First, the less good way:
Method #1: Changing the Apache configuration file.
First, we need to setup syslog-ng appropriately by creating a new source for apache, such as the following:
source s_apache {
unix-stream("/var/log/apache2/apache_log.socket"
max-connections(512)
keep-alive(yes));
};
log { source(s_apache); destination(d_pgsql); };
This recycles the original destination for …
[Read more]