sowamazing

## gist:93309591fb292395fcd7
parser p_db {

        db-parser(file("/etc/syslog-ng/ssh.xml"));

};

template LogglyFormat { template("<${PRI}>1 ${ISODATE} ${HOST} ${PROGRAM} ${PID} ${MSGID} [abcd1234-aaaa-bbbb-1234-1234abcd1234@41058] $MSG $(format_json --scope nv_pairs)\n");};

destination d_loggly { tcp("logs-01.loggly.com" port(514) template(LogglyFormat)); };

## gist:8572ca92c7e953796475
json.usracct.username:root

## gist:1c17b35f68784593d502
source s_windows {

	syslog();

};

template LogglyFormat { template("<${PRI}>1 ${ISODATE} ${HOST} ${PROGRAM} ${PID} ${MSGID} [abcd1234-aaaa-bbbb-1234-1234abcd1234@41058] $(format_json --scope sdata --scope selected_macros)\n");};

destination d_loggly { tcp("logs-01.loggly.com" port(514) template(LogglyFormat)); };

## gist:54e34cf148230362d52e
source s_apache {
    file("/var/log/apache2/spike2-access.log" flags(no-parse));
};

parser p_apache {
    csv-parser(columns("APACHE.CLIENT_IP", "APACHE.IDENT_NAME", "APACHE.USER_NAME",
                    "APACHE.TIMESTAMP", "APACHE.REQUEST_URL", "APACHE.REQUEST_STATUS",
                    "APACHE.CONTENT_LENGTH", "APACHE.REFERER", "APACHE.USER_AGENT",
                    "APACHE.PROCESS_TIME", "APACHE.SERVER_NAME")
                flags(escape-double-char,strip-whitespace)

## Built-in Logging 1
<?php
function logData($message) {
  openlog('php', LOG_CONS | LOG_NDELAY | LOG_PID, LOG_USER | LOG_PERROR);
  syslog(LOG_EMERG, $message);
  closelog();
}
logData(“Unable to connect to MySQL database”);

## Built-in Logging 2
Nov 25 21:48:31 Matts-Mac-2.local php[16563]: Unable to connect to MySQL database

## Built-in Logging 3
SeverityID, [DateTime #pid] SeverityLabel -- ProgName: message

## Built-in Logging 4
I, [1999-03-03T02:34:24.895701 #19074]  INFO -- Main: info.

## Built-in Logging 5
logger.formatter = proc do |severity, datetime, progname, msg|
  "#{datetime}: #{msg}\n"
end

# e.g. "2005-09-22 08:51:08 +0900: hello world"

## Built-in Logging 6
require 'syslog'
require 'logger'
def log(message, priority)
  logger = Logger.new(STDERR)
  logger.level = Logger::WARN
  logger.formatter = proc do |severity, datetime, progname, msg|
    "#{datetime}: #{msg}\n"
  end
  case priority
    when "debug"
	parser p_db {

	db-parser(file("/etc/syslog-ng/ssh.xml"));

	};

	template LogglyFormat { template("<${PRI}>1 ${ISODATE} ${HOST} ${PROGRAM} ${PID} ${MSGID} [abcd1234-aaaa-bbbb-1234-1234abcd1234@41058] $MSG $(format_json --scope nv_pairs)\n");};

	destination d_loggly { tcp("logs-01.loggly.com" port(514) template(LogglyFormat)); };
	source s_windows {

	syslog();

	};

	template LogglyFormat { template("<${PRI}>1 ${ISODATE} ${HOST} ${PROGRAM} ${PID} ${MSGID} [abcd1234-aaaa-bbbb-1234-1234abcd1234@41058] $(format_json --scope sdata --scope selected_macros)\n");};

	destination d_loggly { tcp("logs-01.loggly.com" port(514) template(LogglyFormat)); };
	source s_apache {
	file("/var/log/apache2/spike2-access.log" flags(no-parse));
	};

	parser p_apache {
	csv-parser(columns("APACHE.CLIENT_IP", "APACHE.IDENT_NAME", "APACHE.USER_NAME",
	"APACHE.TIMESTAMP", "APACHE.REQUEST_URL", "APACHE.REQUEST_STATUS",
	"APACHE.CONTENT_LENGTH", "APACHE.REFERER", "APACHE.USER_AGENT",
	"APACHE.PROCESS_TIME", "APACHE.SERVER_NAME")
	flags(escape-double-char,strip-whitespace)
	<?php
	function logData($message) {
	openlog('php', LOG_CONS \| LOG_NDELAY \| LOG_PID, LOG_USER \| LOG_PERROR);
	syslog(LOG_EMERG, $message);
	closelog();
	}
	logData(“Unable to connect to MySQL database”);
	logger.formatter = proc do \|severity, datetime, progname, msg\|
	"#{datetime}: #{msg}\n"
	end

	# e.g. "2005-09-22 08:51:08 +0900: hello world"
	require 'syslog'
	require 'logger'
	def log(message, priority)
	logger = Logger.new(STDERR)
	logger.level = Logger::WARN
	logger.formatter = proc do \|severity, datetime, progname, msg\|
	"#{datetime}: #{msg}\n"
	end
	case priority
	when "debug"