How best to parse messages?

The task to deduce from /var/log/messages
information on the user authorization. Next you need the whole thing written to a database such as Mysql. Then have to display up in.
That is, we need an analogue of Windows logs.
Need advice from seasoned. How best to do this?
To make the parser for example in BASH? or are there any ready solutions?
SUSE Linux Enterprise Server 11
June 26th 19 at 14:22
5 answers
June 26th 19 at 14:24
For parsing text files in linux is responsible awk
There is a good .
June 26th 19 at 14:26
The task is quite clear.
To list the contents of /var/log/messages is enough to make:
cat /var/log/messages
Specify the task.
You need to make the analogue of the Windows Logs. - missouri75 commented on June 26th 19 at 14:29
June 26th 19 at 14:28
Maybe you fit this approach. In /etc/syslog.conf to add the line:
authpriv.* /var/log/secure
Then in log file secure you get the desired information
syslog.conf no. is syslog-ng - missouri75 commented on June 26th 19 at 14:31
June 26th 19 at 14:30
tail-f /var/log/messages | grep "what you need" - and get a live log for this line
if you need to write it down
tail-f /var/log/messages | grep "what you need" > 111.txt


If you need to save in dB then who's stopping you to it .

mysql-uroot -rttool << EOF
Here what to write 
EOF


In Linux there is no "analog magazine" you will forgive me, such bogosta it is not yet invented. in Linux everything is much easier.
To more accurately describe the task, what kind of thing you need to do.
An example of the file from which to take.
The structure of the database where to put, or how best to display this information.

+
Everything is nice and clear. Is the Last command but as I understand it there is no record if the user has entered the pass is not right and have failed.
I just brought Windows. It has a magazine "Safety." it stored record of the user's authorization. Such as: Input, output, error the authorization to change passwords for other accounts, change privileges, etc need to implement on Linux. That is how to parse or use some ready-made solution if it is of course. And the whole thing is already up in the display Application software. - missouri75 commented on June 26th 19 at 14:33
It is desired to remove logs for logging into separate file which is easier to parse. - missouri75 commented on June 26th 19 at 14:36
not desirable, simply use the standard functionality of Linux.
and you will not need to vivocity something in a separate log - missouri75 commented on June 26th 19 at 14:39
In /var/log/message not written to the logs of log in to KDE.
Tell me who can I find them?
in the /var/log
kde log no. - missouri75 commented on June 26th 19 at 14:42
https://www.kde.org/applications/system/ksystemlog - Lavern_Schuppe commented on June 26th 19 at 14:45
: So this is a stray to KDE.
Where are all the same writes logs about the KDE user authorization? - missouri75 commented on June 26th 19 at 14:48
June 26th 19 at 14:32
> Next you need the whole thing written to a database such as Mysql

google://syslog-ng mysql

Find more questions by tags LinuxSUSEParsing