Hi, The use case is a crystal box: everything (but keys) are public in the system, including logs. So I want to configure syslog-ng such that anyone can connect to it, and receives the logs. The simpler the interface, the better. I also would like to have some limit on the number of concurrent clients. Any way to achieve this with syslog-ng without using an additional stomp or amqp server? My syslog-ng version is 3.5.6-2. If there is a need for a message broker, could anyone suggest a free or dirt cheap one in the cloud?
Hi Árpád, FWIW we are sending logs to riemann [1] using the native destination, and then clients can subscribe to riemann's websocket API. Security and limiting can be handled using a reverse proxy. Not exactly the solution you were probably looking for, but I thought it was worth mentioning. IIRC there was a GSoC project for implementing websockets natively in syslog-ng, maybe someone else can comment on its whenabouts. Cheers [1] http://riemann.io/
Hy, Here is the idea of the websocket destination for syslog-ng (it can be extended for source, too). This project wasn't selected for GSoC 2015, but maybe this year. You can vote for this project. :) To answer your question there wasn't any code toward websocket destination in syslog-ng. https://github.com/balabit/syslog-ng/wiki/GSoC2015-Idea-&-Project-list#proje... Best regards, Laci On 29 February 2016 at 09:34, Fabien Wernli <wernli@in2p3.fr> wrote:
Hi Árpád,
FWIW we are sending logs to riemann [1] using the native destination, and then clients can subscribe to riemann's websocket API. Security and limiting can be handled using a reverse proxy.
Not exactly the solution you were probably looking for, but I thought it was worth mentioning.
IIRC there was a GSoC project for implementing websockets natively in syslog-ng, maybe someone else can comment on its whenabouts.
Cheers
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Hi, So if I understand this correctly the current idea is to implement a static destination. In riemann, clients can subscribe to its websocket backend using a query. What would be awesome, is to implement the pubsub mechanism in syslog-ng natively. Maybe clients could POST the filter rules they want to subscribe to, and the syslog-ng destination would dynamically compile the logpath by adding the filters. Cheers
participants (3)
-
Fabien Wernli
-
Laci Mészáros
-
Árpád Magosányi