Back to your phpLogCon instanceHi
I'm trying to work out a search query to display the severity level of CRIT for the last 24 hours, and my skills in this area are very poor.
Had a look at the website and found the info on searching, but was unable to come up with a query to perform the above.
I know the query needs to have the following:
severity:CRIT and datelastx:3
How can I combine them to display this search result?
Many thanks.
Search Query
8 posts • Page 1 of 1
phpLogCon professional services
- Custom phpLogCon configuration?
- Maintenance Contract?
- Installation support?
Re: Search Query
by rgerhards » Tue Mar 24, 2009 8:59 am
Have you seen the advanced search pane ( http://demo.phplogcon.org/search.php ) - there you can build complex searches. You will see the result once you have submitted it.
Does this help?
Rainer
Does this help?
Rainer
-
rgerhards - Site Admin
- Posts: 2647
- Joined: Thu Feb 13, 2003 11:57 am
Re: Search Query
by kpawson » Tue Mar 24, 2009 10:44 am
Well now that's embarrassing 
Thanks for this, I think this will b more than enough, although I may need to upgrade my version as the dates did not pop up like they do on your demo site.
Is the latest beta version OK to run in a non critical production environment, I notice most of the posts seem to have people using the beta and advising to upgrade to this version to sort out things?
Thanks again for your help and excellent product.
Thanks for this, I think this will b more than enough, although I may need to upgrade my version as the dates did not pop up like they do on your demo site.
Is the latest beta version OK to run in a non critical production environment, I notice most of the posts seem to have people using the beta and advising to upgrade to this version to sort out things?
Thanks again for your help and excellent product.
rgerhards wrote:Have you seen the advanced search pane ( http://demo.phplogcon.org/search.php ) - there you can build complex searches. You will see the result once you have submitted it.
Does this help?
Rainer
- kpawson
- New
- Posts: 6
- Joined: Tue Mar 24, 2009 12:03 am
Re: Search Query
by rgerhards » Tue Mar 24, 2009 10:48 am
no need to be embarrassed 
Andre just created a new stable version out of the previous beta. Well, actually, he is just upgrading the beta to be the previous devel, so currently the beta is equal to the stable. In other words: if you pull the latest stable from the phpLogCon site, you *now* (more precisely since friday afternoon), you get the new features
Rainer
Andre just created a new stable version out of the previous beta. Well, actually, he is just upgrading the beta to be the previous devel, so currently the beta is equal to the stable. In other words: if you pull the latest stable from the phpLogCon site, you *now* (more precisely since friday afternoon), you get the new features
Rainer
-
rgerhards - Site Admin
- Posts: 2647
- Joined: Thu Feb 13, 2003 11:57 am
Re: Search Query
by alorbach » Tue Mar 24, 2009 10:51 am
Actually there will be another bugfix release for the 2.6 stable branch today, which also includes a bugfix in the filtering area when using multiple filters on the same field. So I would recommend to upgrade to this version once it is available.
best regards,
Andre
best regards,
Andre
-
alorbach - Site Admin
- Posts: 1129
- Joined: Thu Feb 13, 2003 11:55 am
Re: Search Query
by kpawson » Thu Apr 09, 2009 1:52 am
Thanks for your help, I've now upgraded to version 2.62 and it seems to work well except for when I do the advanced search function, sometimes it works and other times it takes a long time and then gives me an error. The search I'm doing is "datelastx:3 severity:0,1,2".
See image:
My servers Memory is maxed out when this search is performed - I'm running phpLogcon on a Debian system with MySQL and it has 1.2GB of Ram.
The DB should no be that big have been logging for about 6 months.
Thanks
See image:
- phplogconerror.jpg (34.18 KiB) Viewed 339 times
My servers Memory is maxed out when this search is performed - I'm running phpLogcon on a Debian system with MySQL and it has 1.2GB of Ram.
The DB should no be that big have been logging for about 6 months.
Thanks
- kpawson
- New
- Posts: 6
- Joined: Tue Mar 24, 2009 12:03 am
Re: Search Query
by alorbach » Thu Apr 09, 2009 11:32 am
You can try to increment the script timeout in the Admin Center. And please check the actual size of your database, you can do this in the Sources Admin, there is a statistic button available for each configured source.
best regards,
Andre Lorbach
best regards,
Andre Lorbach
-
alorbach - Site Admin
- Posts: 1129
- Joined: Thu Feb 13, 2003 11:55 am
Re: Search Query
by kpawson » Fri May 01, 2009 9:41 am
Thanks Andre
Thought I would update this post with my resolution for others.
I exported the DB and then cleaned it up (reduced the rows and size) and have implemented a schedule to carry out this operation on a bi-monthly basis for now. If required I can look up the old data in another SQL server I have.
The UserDB and admin section certainly enhances phplogcon, I don't know why I didn't install this from day 0.
I'm really loving this application now that I've got my head around it, keep up the great work guys.
Some feedback and/or wishlist items for phplogcon would be an automated Archiving system (I noticed you mentioned this at http://wiki.rsyslog.com/index.php/PhpLo ... te_Records).
Some tutorials, like the rsyslog video's for phplogcon would be great, perhaps a demo on setting up secure syslog configurations.
Thanks again
Cheers
Keith
Thought I would update this post with my resolution for others.
I exported the DB and then cleaned it up (reduced the rows and size) and have implemented a schedule to carry out this operation on a bi-monthly basis for now. If required I can look up the old data in another SQL server I have.
The UserDB and admin section certainly enhances phplogcon, I don't know why I didn't install this from day 0.
I'm really loving this application now that I've got my head around it, keep up the great work guys.
Some feedback and/or wishlist items for phplogcon would be an automated Archiving system (I noticed you mentioned this at http://wiki.rsyslog.com/index.php/PhpLo ... te_Records).
Some tutorials, like the rsyslog video's for phplogcon would be great, perhaps a demo on setting up secure syslog configurations.
Thanks again
Cheers
Keith
- kpawson
- New
- Posts: 6
- Joined: Tue Mar 24, 2009 12:03 am
Google Ads
8 posts • Page 1 of 1
Who is online
Users browsing this forum: kpawson and 0 guests
