I would like some recommendations for the following problem. I use Ossec for log analysis. What I want, is after extracting the fields to save them in an Oracle database.
For example, if I have this line
IP:(\d+.\d+.\d+.\d+)@(\w+): (forcefield \w+); (.*)
I want $1 go to Ip tables, $2 to host, $3 to msg ... etc
For the moment I am considering to execute a script when I have a match, but I looking for a better approach if possible.
cheers