Data Collection Method(2)

Socket Method

It opens a TCP socket and collects the data that are inserted through the socket. Set the port number that is not currently used. For FILE or SFTP method, it collects data directly, but for SOCKET method, it processes the inserted data only. It can receive data by other programs that send data or log collectors such as rsyslog, logstash or nxlog.

Setup Additional Values

When receiving data with SOCKET method, it only modifies the SOCKET_PORT setting to use this method.

Name of variable Description Other information
SOCKET_PORT Local port number that receives data It specifies a port number that is not currently used in a local host where the collector will be operated.

Example

Example: Setting Up Collector

It shows how to collect data by using SOCKET method. This method only opens a socket and in a waiting position so that it requires a program to insert data. When collecting syslog, it is strong possibility that rsyslog exists as well. Now, it collects syslog files by changing the settings of rsyslog a bit for the sake of convenience. Data transmission is the role of other programs, so hand over the job of accessing the file to other programs. In this example, we only set rgx and tpl files. Syslog data are inserted and the format of log data is "Feb 18 07:42:37 localhost anacron: Job `cron.daily' terminated" which is specified in syslog.rgx. The order of the format is in date, name of host and message. Date format is in "month, date and time". For the port number to receive data, use a random number that is not being used. A random number, 33333 is chosen here. Create socket_syslog.tpl by using syslog.tpl as we are using syslog.rgx again. Changed contents are highlighted in the example below.

###############################################################################
# Copyright of this product 2013-2023,
# Machbase Corporation (Incorporation) or its subsidiaries.
# All Rights reserved
###############################################################################

# This file is for Machbase collector template file.

###################################################################
# Collect setting
###################################################################

COLLECT_TYPE=SOCKET

SOCKET_PORT=33333

###################################################################
# Process setting
###################################################################

REGEX_PATH=syslog.rgx

###################################################################
# Output setting
###################################################################

DB_TABLE_NAME = "socket_syslogtable"
DB_ADDR = "127.0.0.1"
DB_PORT = 5656
DB_USER = "SYS"
DB_PASS = "MANAGER"

# 0: Direct insert
# 1: Prepared insert
# 2: Append
APPEND_MODE=2

# 0: None, just append.
# 1: Truncate.
# 2: Try to create table. If table already exists, warn it and proceed.
# 3: Drop and create.
CREATE_TABLE_MODE=2

Run the collector by using the socket_syslog.tpl.

[mach@localhost ~]$ iq
=================================================================
Machbase Client Query Utility
Release Version 3.5.0.b0fb4e1.official
Copyright 2015, Machbase Inc. or its subsidiaries.
All Rights Reserved.
=================================================================
MACH_CONNECT_MODE=INET, PORT=5656
mach> create collector localhost.socket_syslog from "/home/mach/mach_collector_home/collector/socket_syslog.tpl";
Created successfully.
Elapsed Time : 0.049
mach> alter collector localhost.socket_syslog start;
Altered successfully.
Elapsed Time : 0.044
mach>

Now, you can check whether it is properly operated by checking the status of the port after running the collector. Execute the command below.

[mach@localhost ~]$ netstat -anp | grep "LISTEN " | grep 33333
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:33333 0.0.0.0:* LISTEN 20818/machcollecto
[mach@localhost ~]$

It shows that the port number 33333 is being used. Transmit data to the collector via rsyslog. Suppose that the user is logged in with the root account and proceed the settings of rsyslog. In the case of rsyslog, it sends not only the stored data to the database, but also has the way to send the data the collector as soon as syslogs occur. The example below shows how to send data with the configuration file.

*.* @@127.0.0.1:33333

When type in the contents above in "/etc/rsyslog.d/.conf" directory and restart rsyslog, it sends data which were only created henceforward to the collector. The example below shows how to collect syslog files by using rsyslog as planned.

$ModLoad imfile

$InputFileName /var/log/syslog
$InputFileTag syslog_file:
$InputFileStateFile stat-syslog
$InputFilePollInterval 1
$InputRunFileMonitor

if $programname == 'syslog_file' then @@127.0.0.1:33333

Add the settings above to "/etc/rsyslog.d/127.0.0.1_syslog.conf" directory and then restart rsyslog to apply the changes.

# service rsyslog restart
rsyslog stop/waiting
rsyslog start/running, process 22936

When rsyslog is restarted, rsyslog daemon inserts data into "/var/log/syslog" via port 33333. The collector analyzes the data and stores them in the Machbase, and it can be check by accessing the Machbase database as well. Data insertion may take longer than expected due to the previously defined option of $InputFilePollInterval 1 or rsyslog which is the default setting. If data are inserted properly, a table will be created automatically if there is none. The results below show that 10 lines from the oldest data are properly displayed.

mach> select * from socket_syslogtable order by _arrival_time asc limit 10;
COLLECTOR_TYPE COLLECTOR_ADDR
-----------------------------------------------------
COLLECTOR_ORIGIN COLLECTOR_OFFSET
----------------------------------------------------------------------------------------------------------
TM HOST
---------------------------------------------------------------------------------------------------------------------
MSG
------------------------------------------------------------------------------------
SOCKET 127.0.0.1
NULL 1
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:31:43 localhost kernel: imklog 5.8.10, log source = /proc
/kmsg started.
SOCKET 127.0.0.1
NULL 2
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:31:43 localhost rsyslogd: [origin software="rsyslogd" swV
ersion="5.8.10" x-pid="15062" x-info="http://www.rsyslog.com"] start
SOCKET 127.0.0.1
NULL 3
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:31:46 localhost kernel: imklog 5.8.10, log source = /proc/kmsg started.
SOCKET 127.0.0.1
NULL 4
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:35:01 localhost CROND[15111]: (root) CMD (LANG=C LC_ALL=C
/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-
file /var/lib/mrtg/mrtg.ok)
SOCKET 127.0.0.1
NULL 5
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:40:01 localhost CROND[15188]: (root) CMD (LANG=C LC_ALL=C
/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-
file /var/lib/mrtg/mrtg.ok)
SOCKET 127.0.0.1
NULL 6
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:40:01 localhost CROND[15187]: (root) CMD (/usr/lib64/sa/s
a1 1 1)
SOCKET 127.0.0.1
NULL 7
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:45:01 localhost CROND[15265]: (root) CMD (LANG=C LC_ALL=C
/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-
file /var/lib/mrtg/mrtg.ok)
SOCKET 127.0.0.1
NULL 8
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:50:01 localhost CROND[15341]: (root) CMD (LANG=C LC_ALL=C
/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-
file /var/lib/mrtg/mrtg.ok)
SOCKET 127.0.0.1
NULL 9
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:50:01 localhost CROND[15342]: (root) CMD (/usr/lib64/sa/s
a1 1 1)
SOCKET 127.0.0.1
NULL 10
2016-06-28 23:50:17 000:000:000 localhost
syslog_file: Jun 20 04:55:01 localhost CROND[15419]: (root) CMD (LANG=C LC_ALL=C
/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-
file /var/lib/mrtg/mrtg.ok)
[10] row(s) selected.
Elapsed Time : 2.104
mach>

Example: Setting Up Log Collector

For SOCKET method, examples are provided for describing how to set log collectors. In this chapter, examples of rsyslog, logstash and nxlog are only provided. When log data are inserted through TCP protocol for even other collectors and programs, it works properly.

RSYSLOG

rsyslog is basically included in the latest Linux distributions. Thus, it is easily connected with the collector by simple settings. The settings are required to add files with ".conf" format into /etc/rsyslog.d directory. When new files are added, it is required to re-start "rsyslog" to apply the changes.

All the setting files in /etc/rsyslog.d are integrated into the same layer so that cautious must be exercised with the same name being used when naming internal variables.

In the case of rsyslog, it sends not only the stored data to the database, but also has the method to send the data the collector as soon as syslogs occur. See below for how to transmit data.

Direct Transmission: It simply specifies a transmission path when logs are created. This a simpler method compared to other methods.

*.* @@<Collector host>:<Collector port>

Format shown above has the same format with the regular expressions provided as default. In the example below, input the relevant values to and . When you input the information above into "/etc/rsyslog.d/.conf" path and re-start rsyslog, it sends all the subsequently created syslogs to the collectors. In addition, it is possible to collect specified logs by locating . in the front of the line.

Send It After Collecting Files: It simply specifies a transmission path when logs are created. This a simpler method compared to other methods.

*.* @@<Collector host>:<Collector port>

Send It After Collecting Files: It collects created syslog files by using rsyslog.

$ModLoad imfile

$InputFileName /var/log/syslog
$InputFileTag syslog_file:
$InputFileStateFile stat-syslog
$InputFilePollInterval 1
$InputRunFileMonitor

if $programname == 'syslog_file' then @@<Collector host>:<Collector port>

The location of configuration file is "/etc/rsyslog.d" and the files with ".conf" format will be stored. Enter the path of the file in "$InputFileName". The example above used "/var/log/syslog" for collecting syslogs. $InputFileTag is required to redirect specified files into desired locations. "$InputFilePoolInterval" sets the interval of collecting files. If you add "$InputRunFileMonitor" along with other commands, it monitors files consistently in order to collect files.

Logstash

It describes "Logstash" which is frequently used for the ELK stack. Please refer to Getting Started with Logstash for installation.

You can specify and execute the configuration file of Logstash. Therefore, it is able to create files with conf extension in a desired location. See below for detailed information about conf file.

input {
   file {
      path => "<Absolute path of log file>"
      }
   }
output {
   tcp {
      host => "<Collector host>"
      port => "<Collector port>"
        }
      }

In the "input" part above, it sets configurations for data collection. To receive files inside the "input", specify desired files for collection in the "path" under the "file". If you want to collect syslog, you can set it as /var/log/syslog. In the "output" part, it sets the configuration for sending data. In the example above, TCP protocol was used to send data by SOCKET collector, and data can be sent by simply inserting the relevant values into and .

Nxlog

NXLOG is a universal log collector for Windows. Let's check how to input Windows messages through a socket by using nxlog. Modify rgx and values of target table only for collector settings.

###############################################################################
# Copyright of this product 2013-2023,
# Machbase Corporation (Incorporation) or its subsidiaries.
# All Rights reserved
###############################################################################

#
# This file is for Machbase collector template file.
#

###################################################################
# Collect setting
###################################################################

COLLECT_TYPE=SOCKET

SOCKET_PORT=33333

###################################################################
# Process setting
###################################################################

REGEX_PATH=nxlog.rgx

###################################################################
# Output setting
###################################################################

DB_TABLE_NAME = "nxlog_table"
DB_ADDR = "127.0.0.1"
DB_PORT = 5656
DB_USER = "SYS"
DB_PASS = "MANAGER"

# 0: Direct insert
# 1: Prepared insert
# 2: Append
APPEND_MODE=2

# 0: None, just append.
# 1: Truncate.
# 2: Try to create table. If table already exists, warn it and proceed.
# 3: Drop and create.
CREATE_TABLE_MODE=2

By default, rgx is provided to parse simple Windows messages of nxlog. Set the path of rgx file to "nxlog.rgx" and change the table name where data are inserted, and then execute the collector with tpl file. The settings of the collector are now done. Let's take a look at the configuration of nxlog that will send data. Nxlog will be installed in "C:\Program Files\nxlog" or "C:\Program Files (x86)\nxlog" depends on your operating system. Modify conf and nxlog files located in the directory and set the configuration.

## This is a sample configuration file. See the nxlog reference manual about the
## configuration options. It should be installed locally and is also available
## online at http://nxlog-ce.sourceforge.net/nxlog-docs/en/nxlog-reference-manual.html


## Set the ROOT to the folder your nxlog was installed,
## otherwise it will not start.


#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files\nxlog


Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log


<Input in>
Module im_msvistalog
# For windows 2003 and earlier use the following:
# Module im_mseventlog
</Input>


<Output out>
Module om_tcp
Host <Collector host>
Port <Collector port>
</Output>


<Route 1>
Path in => out
</Route>

It is the example of nxlog file. The example shows that "im_msvistalog" is inserted and send data to the collector. When you modify and in and re-start the service from the example, it starts to send data to the collector.

First, configuring "in" and "out" parts respectively, and then set the connection of"in" and "out" in part in order to send data properly. In , the setting is "in=>out" so that Windows event logs will be sent through TCP socket.

ODBC Method

It collects stored data from other databases through ODBC. For Machbase users, it is required to install unixODBC (ODBC driver manager). The example below shows how to collect data by accessing MySQL with unixODBC and MyODBC installed.

Refer to the websites of unixODBC and MyODBC for installation.

Setup Additional Values

Suppose DSN handles all the settings regarding server access in ODBC method. It writes only a name of DSN, a query statement and a baseline column in the tpl file.

Name of variable Description Other information
ODBC_DSN Setup DSN for accessing databases It inputs DSN which was specified in a configuration file.
ODBC_QUERY Search query to retrieve data It uses basic query
ODBC_SEQ_COLUMN The base column name that determines the order in the query results It inputs a column name from the results. * Only numbers are allowed.

Example

The example shows how to collect data from MySQL.

Data Creation

First, create a table and insert data into MySQL. Inserted data are as follows.

0,2015-05-20 06:00:00,16.194.51.72,6790,183.103.50.46,5281,20,GET /twiki/bin/view/TWiki/KlausWriessnegger HTTP/1.1,200,3848
1,2015-05-20 06:00:02,96.40.75.42,11011,31.224.72.52,12069,55,GET /twiki/bin/search/Main/SearchResult?scope=text®ex=on&search=Office%20*Locations[notA-Za-z] HTTP/1.1,200,7771
2,2015-05-20 06:00:02,174.47.129.59,6032,96.40.75.42,6442,72,GET /twiki/bin/edit/Main/WebSearch?t=1078669682 HTTP/1.1,401,12846
3,2015-05-20 06:00:02,153.199.166.54,4220,86.45.186.17,2245,1,GET /twiki/bin/oops/TWiki/RichardDonkin?template=oopsmore¶m1=1.2¶m2=1.2 HTTP/1.1,200,11281
4,2015-05-20 06:00:02,226.7.237.25,10805,50.230.44.173,179,70,GET /twiki/bin/oops/TWiki/AppendixFileSystem?template=oopsmore¶m1=1.12¶m2=1.12 HTTP/1.1,200,11382
5,2015-05-20 06:00:02,183.103.50.46,7175,96.128.212.177,7175,73,GET /twiki/bin/view/TWiki/DontNotify HTTP/1.1,200,4140
6,2015-05-20 06:00:02,123.198.82.192,6784,63.214.191.124,10825,21,GET /twiki/bin/view/TWiki/DontNotify HTTP/1.1,200,4140
7,2015-05-20 06:00:02,214.153.107.182,5562,85.183.139.166,1367,8,GET /twiki/bin/oops/TWiki/RichardDonkin?template=oopsmore¶m1=1.2¶m2=1.2 HTTP/1.1,200,11281
8,2015-05-20 06:00:02,245.13.24.17,7451,69.99.246.62,4497,20,GET /twiki/bin/view/Main/SpamAssassin HTTP/1.1,200,4081
9,2015-05-20 06:00:02,239.81.105.222,2245,71.129.68.118,1641,59,GET /twiki/bin/view/Main/TokyoOffice HTTP/1.1,200,3853

Names of columns are seq, at, srcip, srcport, dstip, dstport, protocol, eventlog, eventcode, and eventsize. Here, "seq" is the baseline column. The syntax for table creation that matches with the data above is as follows.

mysql> create table odbc_seq_int_10 (seq int(9), at timestamp, srcip varchar(20), srcport int(6), dstip varchar(20), dstport int(6), protocol int(3), eventlog varchar(1024),
eventcode int(9), eventsize int(9));

If a table is properly created, insert the data files listed above into MySQL. For data insertion process, use LOAD command of MySQL.

mysql> load data infile '<File Path>' into table <Table Name> fields terminated by ',';

With LOAD command, insert and execute the absolute path of CSV file and the name of target table, and then the following data are displayed.

Query OK, 10 rows affected (0.00 sec)
Records: 10 Deleted: 0 Skipped: 0 Warnings: 0

Verify ODBC Settings

It describes how to set and verify DSN which contains all the information about server access from ODBC setting values.

Setup ODBC

For unixODBC, you can find the paths of configuration files for ODBC with the following commands.

$ odbcinst -j
unixODBC 2.3.1
DRIVERS............: /usr/local/etc/odbcinst.ini
SYSTEM DATA SOURCES: /usr/local/etc/odbc.ini
FILE DATA SOURCES..: /usr/local/etc/ODBCDataSources
USER DATA SOURCES..: /home/mach/.odbc.ini
SQLULEN Size.......: 8
SQLLEN Size........: 8
SQLSETPOSIROW Size.: 8

In general, USER DATA SOURCES takes priority over others. Thus, when create ".odbc.ini" file in the user's home directory and then insert the contents below, it applies first.

[MYSQL]
Driver=MySQL
Server=<Database host address>
Port=<Database host port>
Database=<Name of default database to access>
UID=<User ID>
PWD=<User password>

When MyODBC is installed, MySQL is stored in the "/etc/odbcinst.ini" and can be used by setting "Driver" equals "MySQL". You can insert relevant information to the Server, Port, UID and PWD. If the port is not specified, 3306 will be used as default.

Verify ODBC Settings

When ODBC driver is installed, unixODBC provides isql which is generally available. You can verify whether DSN is connected by using isql. With the command below, it can check whether DSN is properly operating.

$ isql -v MYSQL

It is the command to set the settings of DSN, "MYSQL". If it is properly operated, you will get "Connected" message as follows.

+---------------------------------------+
| Connected! |
| |
| sql-statement |
| help [tablename] |
| quit |
| |
+---------------------------------------+
SQL>

It selects tables to check whether there is an error for specifying a database.

SQL> select * from odbc_seq_int_10;
+-----------+--------------------+---------------------+-----------+---------------------+-----------+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------+-----------+
| seq | at | srcip | srcport | dstip | dstport | protocol | eventlog | eventcode | eventsize |
+-----------+--------------------+---------------------+-----------+---------------------+-----------+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------+-----------+
| 0 | 2015-05-20 06:00:00| 16.194.51.72 | 6790 | 183.103.50.46 | 5281 | 20 | GET /twiki/bin/view/TWiki/KlausWriessnegger HTTP/1.1 | 200 | 3848 |
| 1 | 2015-05-20 06:00:02| 96.40.75.42 | 11011 | 31.224.72.52 | 12069 | 55 | GET /twiki/bin/search/Main/SearchResult?scope=text®ex=on&search=Office%20*Locations[notA-Za-z] HTTP/1.1 | 200 | 7771 |
| 2 | 2015-05-20 06:00:02| 174.47.129.59 | 6032 | 96.40.75.42 | 6442 | 72 | GET /twiki/bin/edit/Main/WebSearch?t=1078669682 HTTP/1.1 | 401 | 12846 |
| 3 | 2015-05-20 06:00:02| 153.199.166.54 | 4220 | 86.45.186.17 | 2245 | 1 | GET /twiki/bin/oops/TWiki/RichardDonkin?template=oopsmore¶m1=1.2¶m2=1.2 HTTP/1.1 | 200 | 11281 |
| 4 | 2015-05-20 06:00:02| 226.7.237.25 | 10805 | 50.230.44.173 | 179 | 70 | GET /twiki/bin/oops/TWiki/AppendixFileSystem?template=oopsmore¶m1=1.12¶m2=1.12 HTTP/1.1 | 200 | 11382 |
| 5 | 2015-05-20 06:00:02| 183.103.50.46 | 7175 | 96.128.212.177 | 7175 | 73 | GET /twiki/bin/view/TWiki/DontNotify HTTP/1.1 | 200 | 4140 |
| 6 | 2015-05-20 06:00:02| 123.198.82.192 | 6784 | 63.214.191.124 | 10825 | 21 | GET /twiki/bin/view/TWiki/DontNotify HTTP/1.1 | 200 | 4140 |
| 7 | 2015-05-20 06:00:02| 214.153.107.182 | 5562 | 85.183.139.166 | 1367 | 8 | GET /twiki/bin/oops/TWiki/RichardDonkin?template=oopsmore¶m1=1.2¶m2=1.2 HTTP/1.1 | 200 | 11281 |
| 8 | 2015-05-20 06:00:02| 245.13.24.17 | 7451 | 69.99.246.62 | 4497 | 20 | GET /twiki/bin/view/Main/SpamAssassin HTTP/1.1 | 200 | 4081 |
| 9 | 2015-05-20 06:00:02| 239.81.105.222 | 2245 | 71.129.68.118 | 1641 | 59 | GET /twiki/bin/view/Main/TokyoOffice HTTP/1.1 | 200 | 3853 |
+-----------+--------------------+---------------------+-----------+---------------------+-----------+-----------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------+-----------+
SQLRowCount returns 10
10 row(s) fetched.
SQL>

The results show that all the input data are properly displayed. If you cannot see data even though data are properly inserted, check the values of both database and user configuration.

Setup Collector

By using the queries which were used above, make tpl file of ODBC method to check the DSN and data. It doesn't need to specify REGEX_PATH as ODBC method doesn't require parsing process so that it only needs to set "Collect setting" paragraph properly to get the right results. Results are as follows.

###############################################################################
# Copyright of this product 2013-2023,
# Machbase Corporation (Incorporation) or its subsidiaries.
# All Rights reserved
###############################################################################

#
# This file is for Machbase collector template file.
#

###################################################################
# Collect setting
###################################################################

COLLECT_TYPE=ODBC
ODBC_DSN=MYSQL <= Name of driver specified in "odbc.ini"
ODBC_QUERY="select * from sample_seq_int_10" <= Not required to input other queries except select <Columns> from <Table name>.
ODBC_SEQ_COLUMN=seq <= The base column name that determines the order in the query results

###################################################################
# Process setting
###################################################################

#PREPROCESS_PATH=Python script file path

###################################################################
# Output setting
###################################################################

DB_TABLE_NAME = "sample_seq_int"
DB_ADDR = <Machbase Server Host>
DB_PORT = <Machbase Server Port>
DB_USER = "SYS"
DB_PASS = "MANAGER"

# 0: Direct insert
# 1: Prepared insert
# 2: Append
APPEND_MODE=2

# 0: None, just append.
# 1: Truncate.
# 2: Try to create table. If table already exists, warn it and proceed.
# 3: Drop and create.
CREATE_TABLE_MODE=2

Now, the settings of tpl file are done. With machsql, it creates and executes collectors that use the tpl file.

mach> create collector localhost.odbc_sample from "/home/mach/mach_collector_home/collector/odbc.tpl";
Create Success
Elapsed Time : 0.027
mach> alter collector localhost.odbc_sample start;
Alter Success
Elapsed Time : 0.037
mach>

check the data, run machsql.

mach> select * from sample_seq_int limit 50;
COLLECTOR_TYPE COLLECTOR_ADDR
-----------------------------------------------------
COLLECTOR_ORIGIN COLLECTOR_OFFSET SEQ
-----------------------------------------------------------------------------------------------------------------------
AT SRCIP SRCPORT DSTIP DSTPORT PROTOCOL
-----------------------------------------------------------------------------------------------------------------------
EVENTLOG EVENTCODE EVENTSIZE
--------------------------------------------------------------------------------------------------------------
ODBC 192.168.122.1
MYSQL 9 9
1900-01-03 19:54:55 000:000:000 239.81.105.222 2245 71.129.68.118 1641 59
GET /twiki/bin/view/Main/TokyoOffice HTTP/1.1 200 3853
ODBC 192.168.122.1
MYSQL 8 8
1900-01-03 19:54:55 000:000:000 245.13.24.17 7451 69.99.246.62 4497 20
GET /twiki/bin/view/Main/SpamAssassin HTTP/1.1 200 4081
ODBC 192.168.122.1
MYSQL 7 7
1900-01-03 19:54:55 000:000:000 214.153.107.182 5562 85.183.139.166 1367 8
GET /twiki/bin/oops/TWiki/RichardDonkin?template=oopsmore¶m1=1.2¶m2=1.2 HTTP/1
.1 200 11281
ODBC 192.168.122.1
MYSQL 6 6
1900-01-03 19:54:55 000:000:000 123.198.82.192 6784 63.214.191.124 10825 21
GET /twiki/bin/view/TWiki/DontNotify HTTP/1.1 200 4140
ODBC 192.168.122.1
MYSQL 5 5
1900-01-03 19:54:55 000:000:000 183.103.50.46 7175 96.128.212.177 7175 73
GET /twiki/bin/view/TWiki/DontNotify HTTP/1.1 200 4140
ODBC 192.168.122.1
MYSQL 4 4
1900-01-03 19:54:55 000:000:000 226.7.237.25 10805 50.230.44.173 179 70
GET /twiki/bin/oops/TWiki/AppendixFileSystem?template=oopsmore¶m1=1.12¶m2=1.12
HTTP/1.1 200 11382
ODBC 192.168.122.1
MYSQL 3 3
1900-01-03 19:54:55 000:000:000 153.199.166.54 4220 86.45.186.17 2245 1
GET /twiki/bin/oops/TWiki/RichardDonkin?template=oopsmore¶m1=1.2¶m2=1.2 HTTP/1
.1 200 11281
ODBC 192.168.122.1
MYSQL 2 2
1900-01-03 19:54:55 000:000:000 174.47.129.59 6032 96.40.75.42 6442 72
GET /twiki/bin/edit/Main/WebSearch?t=1078669682 HTTP/1.1 401 12846
ODBC 192.168.122.1
MYSQL 1 1
1900-01-03 19:54:55 000:000:000 96.40.75.42 11011 31.224.72.52 12069 55
GET /twiki/bin/search/Main/SearchResult?scope=text®ex=on&search=Office%20*Locat
ions[notA-Za-z] HTTP/1.1 200 7771
ODBC 192.168.122.1
MYSQL 0 0
1900-01-03 19:54:55 000:000:000 16.194.51.72 6790 183.103.50.46 5281 20
GET /twiki/bin/view/TWiki/KlausWriessnegger HTTP/1.1 200 3848
[10] row(s) selected.
Elapsed Time : 1.724
mach>

The results show that MySQL data are displayed in reverse order as the characteristics of Machbase.

results matching ""

    No results matching ""