On Fri, 2006-09-22 at 18:58 +0100, Hari Sekhon wrote:
I have an email alert script written in python to send me security alerts depending on criteria I have defined. I was working on something else and wanted to clean up so I did a pkill -9 python without remembering that I'm on the syslog server.
Of course this killed the alert script, which I noticed didn't restart and syslog-ng kept running without it. So I tested it by creating a condition to generate a log and therefore an alert and I didn't get the email. Not very good.
Syslog-ng didn't restart the script defined in program() in syslog-ng.conf, even when it had more input for it, which has gotten me thinking, what happens if the script really dies or is accidentally killed? Syslog-ng must have just dropped the output on the floor or something.
The only way I can see to restart it is to restart syslog-ng itself.
What is the best way to make this more resilient?
what version of syslog-ng are you running? i believe i have read that 2.0 is supposed to restart the program if it dies, 1.6 does not, to my knowledge. -- Matt Zagrabelny - mzagrabe@d.umn.edu - (218) 726 8844 University of Minnesota Duluth Information Technology Systems & Services PGP key 1024D/84E22DA2 2005-11-07 Fingerprint: 78F9 18B3 EF58 56F5 FC85 C5CA 53E7 887F 84E2 2DA2 He is not a fool who gives up what he cannot keep to gain what he cannot lose. -Jim Elliot