--- sysplogd	2009/04/10 19:12:17	2
+++ sysplogd	2009/04/11 08:30:33	5
@@ -5,12 +5,16 @@
 
 use IO::Socket;
 use Data::Dump qw/dump/;
-#use StoreToMongoDB;
+use DBI;
 
 my $port = 514;
 
 my $MAXLEN = 1524;
 
+my $dsn = 'DBI:Pg:dbname=syslog;host=llin.lan';
+my $user = 'dpavlin';
+my $debug = 0;
+
 my @facilities = ( qw/
 kernel user mail system security internal printer news uucp clock security2 
 FTP NTP audit alert clock2 local0 local1 local2 local3 local4 local5 local6 local7
@@ -23,6 +27,14 @@
 #	ReuseAddr => 1,
 ) || die "can't listen to $port: $!";
 
+my $dbh = DBI->connect( $dsn, $user, '', { RaiseError => 1 } ) || die $DBI::errstr;
+
+my $sth = $dbh->prepare(qq{
+	insert into log
+	(ip,hostname,facility,priority,level,program,message) values
+	(? ,?       ,?       ,?       ,?    ,?      ,?      )
+});
+
 print "INFO: listen on $port",$/;
 
 my $rin = '';
@@ -34,22 +46,11 @@
 	my $ip = join('.', unpack('C4',$ipaddr));
 	warn "# ",dump( $port, $ipaddr, $hostname, $buf );
 
-	if ( $buf=~/<(\d+)>(.*?):(.*)/ ) {
-		my $sev=$1 % 8;
-		my $fac=($1-$sev) / 8;
-
-		my $log = {
-			ip => $ip,
-			port => $port,
-			hostname => $hostname,
-
-			priority => $1,
-			severity => $sev,
-			facility => $fac,
-			header => $2,
-			message => $3,
-		};
-		print dump( $log ),$/;
-		#StoreToMongoDB->insert( $log );
+	if ( $buf =~ /<(\d+)>\s*(\S*)\s*:\s*(.*)/ ) {
+		my $level=$1 % 8;
+		my $fac=($1-$level) / 8;
+		$sth->execute( $ip, $hostname, $fac, $1, $level, $2, $3 );
+	} else {
+		$sth->execute( $ip, $hostname, undef, undef, undef, undef, $buf );
 	}
 }