[syslog-ng] Question on behavior of unix-stream destination when data is returned...
Robert Nickel
coinelement at gmail.com
Thu May 29 20:10:29 CEST 2014
So, I have the following configuration to send logs out to a unix domain socket:
source s_tls {
syslog(
ip( 0.0.0.0 )
port( 6514 )
transport( "tls" )
tls( ca_dir( "/path/to/cacerts" ) key_file(
"/path/to/private/key" ) cert_file( "/path/to/certificate" ) )
);
};
destination d_sock {
unix-stream( "/var/tmp/itsa.socket" );
};
log {
source( s_tls );
destination( d_sock );
};
Every time a message writes to the socket, the following logs show up:
EOF occurred while idle; fd='12'
Syslog connection broken; fd='12',
server='AF_UNIX(/var/tmp/itsa.socket)', time_reopen='60'
Digging into the code of the socket listening service, it is apparent
that the socket returns messages on receipt of the message.
Essentially, every time it gets a well-formatted message, it returns
'Parse message success' or 'Parse message failed'. Disabling all of
these messages makes the socket work fine but it will break other code
that uses this same socket.
Is this expected behavior?
Is there a way to get syslog-ng to ignore the returned information on
the socket?
Thanks!
--Robert
More information about the syslog-ng
mailing list