1.ติดตั้ง Syslog-NG ที่ Log Server และ Server อื่น ๆ ที่เป็น linux apt-get install syslog-ng 2.Config Log Server (/etc/syslog-ng/syslog-ng.conf) options { recv_time_zone (+07:00); send_time_zone (+07:00); sync (0); time_reopen (100); log_fifo_size (1000); long_hostnames (off); use_dns (no); use_fqdn (no); create_dirs (yes); chain_hostnames(yes); keep_hostname (yes); }; source s_sys { file ("/proc/kmsg" log_prefix("kernel: ")); unix-stream ("/dev/log"); internal(); #udp(ip(0.0.0.0) port(514)); #tcp(ip(0.0.0.0) port(514) keep-alive(yes)); }; destination d_mysql { pipe("/var/log/mysql.pipe" template("INSERT INTO logs (host, facility, priority, level, tag, datetime, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n") template-escape(yes)); }; filter f_filter1 { facility (kern); }; filter f_f