--- sysplogd	2009/04/13 18:40:32	16
+++ sysplogd	2009/05/02 21:07:32	21
@@ -47,7 +47,6 @@
 	id		serial,
 	timestamp	timestamp default now(),
 	ip		inet not null,
-	hostname	text,
 	message		text,
 	level		int,
 	facility	int,
@@ -88,12 +87,12 @@
 
 my $sth_log_full = $dbh->prepare(qq{
 	insert into log
-	(ip,hostname,message,level,facility,program,pid)
-	values (?,?,?,?,?,?,?)
+	(ip,message,level,facility,program,pid)
+	values (?,?,?,?,?,?)
 });
 
 my $sth_log_unparsed = $dbh->prepare(qq{
-	insert into log (ip,hostname,message) values (?,?,?)
+	insert into log (ip,message) values (?,?)
 });
 
 
@@ -116,16 +115,28 @@
 while(1) {
 	$sock->recv($buf, $MAXLEN);
 	my ($port, $ipaddr) = sockaddr_in($sock->peername);
-	my $hostname = gethostbyaddr($ipaddr, AF_INET);
+#	my $hostname = gethostbyaddr($ipaddr, AF_INET);
 	my $ip = join('.', unpack('C4',$ipaddr));
-	my @values = ( $ip, $hostname, $buf );
+	my @values = ( $ip, $buf );
 
-	if ( $buf =~ /<(\d+)>\w\w\w \d+ \d\d:\d\d:\d\d\s*(\S*)\s*:\s*(.*)/ ) {
-		$values[2] = $3;
+	if ( $buf =~ s/<(\d+)>// ) {
 		my $level    = $1 % 8;
 		my $facility = ( $1-$level ) / 8;
-		my $program  = $2;
-		my $pid      = $1 if $program =~ s/\[(\d+)\]$//;
+	
+		$buf =~ s/^\w\w\w\s+\d+\s+\d\d:\d\d:\d\d//;	# strip timestamp which some syslog servers insert here
+
+		my ( $program, $pid );
+
+		if ( $buf =~ s/^\s*([^:]+)\s*:\s*// ) {
+			$program = $1;
+			if ( $program =~ s/\[(\d+)\]$// ) {
+				$pid = $1;
+			} elsif ( $buf =~ s/^(\d+):\s*// ) {
+				$pid = $1;
+			}
+		}
+
+		$values[1] = $buf;
 		push @values, ( $level, $facility, $program, $pid );
 		$sth_log_full->execute( @values );
 	} else {