slngctl: syslog-ng debug, trace and statistics utility
Hi, PZolee wrote a quite lengthy blog post on troubleshooting and debuging syslog-ng [1] back in December 2009. It popped into my mind that running syslog-ng with debug/trace/verbose option enabled is very handy, but sometimes you do not want to stop syslog-ng just to restart it in a more verbose mode. My idea was to enable syslog-ng to real-time modify these verbosity settings through the control socket which is currently only used for exporting statistical information. I extended the control socket communication to have the ability of modify these logging settings. To make life easier I have created a small utility called slngctl which can be used to communicate with the running syslog-ng process. Using slngctl it also easy to query the statistics collected by syslog-ng. Also on longer term I think other useful small features could be added the slngctl. slngctl commands: marci@octane:$ slngctl Possible commands are: stats Dump syslog-ng statistics verbose Enable/query verbose messages debug Enable/query debug messages trace Enable/query trace messages Querying statistics: marci@octane:$ slngctl stats destination;d_out;;a;processed;0 global;payload_reallocs;;a;processed;0 source;s_tcp;;a;processed;0 global;msg_clones;;a;processed;0 global;sdata_updates;;a;processed;0 center;;received;a;processed;0 center;;queued;a;processed;0 Getting current verbose settings: marci@octane:$ slngctl verbose VERBOSE=1 Enabling trace run-time: marci@octane:$ slngctl trace TRACE=0 marci@octane:$ slngctl trace -s 1 marci@octane:$ slngctl trace TRACE=1 As always you can find the source code in my 3.1 git repository and all feedbacks are very welcome. best, Marton PS: I know slngctl might not be the best name, so I offer a bier to anyone suggesting a better name when visiting us in Budapest, Hungary. :) [1] http://pzolee.blogs.balabit.com/2009/12/troubleshooting-and-debugging-syslog... -- Key fingerprint = F78C 25CA 5F88 6FAF EA21 779D 3279 9F9E 1155 670D
ILLES, Marton a écrit :
Hi,
PZolee wrote a quite lengthy blog post on troubleshooting and debuging syslog-ng [1] back in December 2009. It popped into my mind that running syslog-ng with debug/trace/verbose option enabled is very handy, but sometimes you do not want to stop syslog-ng just to restart it in a more verbose mode. My idea was to enable syslog-ng to real-time modify these verbosity settings through the control socket which is currently only used for exporting statistical information.
I extended the control socket communication to have the ability of modify these logging settings. To make life easier I have created a small utility called slngctl which can be used to communicate with the running syslog-ng process. Using slngctl it also easy to query the statistics collected by syslog-ng. Also on longer term I think other useful small features could be added the slngctl.
slngctl commands:
marci@octane:$ slngctl Possible commands are: stats Dump syslog-ng statistics verbose Enable/query verbose messages debug Enable/query debug messages trace Enable/query trace messages
[...]
switch the verbose level without restarting server > very interesting feature which I would have used yesterday (If i have this command !) during a support session with a sysadmin of my company !
As always you can find the source code in my 3.1 git repository and all feedbacks are very welcome.
best,
Marton
PS: I know slngctl might not be the best name, so I offer a bier to anyone suggesting a better name when visiting us in Budapest, Hungary. :)
May be as for named (named-checkzone, named-checkconf) or apache 2 (a2ensite, a2dissite, a2enmod, a2dismod), a command by functionnality may be more readable : syslogng-trace / syslogng-stats etc.
[1] http://pzolee.blogs.balabit.com/2009/12/troubleshooting-and-debugging-syslog...
-- Christophe Brocas CNAMTS/DDSI/DSEC 12, allées Haussmann 33300 Bordeaux fixe : +33 (0)5.57.85.53.55 mobile : +33 (0)6.77.05.19.01 fax : +33 (0)5.56.39.84.48 keyid : 0x237E9DB2 ***************************************************** "Le contenu de ce courriel et ses eventuelles pièces jointes sont confidentiels. Ils s'adressent exclusivement à la personne destinataire. Si cet envoi ne vous est pas destiné, ou si vous l'avez reçu par erreur, et afin de ne pas violer le secret des correspondances, vous ne devez pas le transmettre à d'autres personnes ni le reproduire. Merci de le renvoyer à l'émetteur et de le détruire. Attention : L'Organisme de l'émetteur du message ne pourra être tenu responsable de l'altération du présent courriel. Il appartient au destinataire de vérifier que les messages et pièces jointes reçus ne contiennent pas de virus. Les opinions contenues dans ce courriel et ses éventuelles pièces jointes sont celles de l'émetteur. Elles ne reflètent pas la position de l'Organisme sauf s'il en est disposé autrement dans le présent courriel." ******************************************************
On Thu, 2010-01-07 at 15:59 +0100, Christophe Brocas wrote:
ILLES, Marton a écrit :
Hi,
PZolee wrote a quite lengthy blog post on troubleshooting and debuging syslog-ng [1] back in December 2009. It popped into my mind that running syslog-ng with debug/trace/verbose option enabled is very handy, but sometimes you do not want to stop syslog-ng just to restart it in a more verbose mode. My idea was to enable syslog-ng to real-time modify these verbosity settings through the control socket which is currently only used for exporting statistical information.
I extended the control socket communication to have the ability of modify these logging settings. To make life easier I have created a small utility called slngctl which can be used to communicate with the running syslog-ng process. Using slngctl it also easy to query the statistics collected by syslog-ng. Also on longer term I think other useful small features could be added the slngctl.
slngctl commands:
marci@octane:$ slngctl Possible commands are: stats Dump syslog-ng statistics verbose Enable/query verbose messages debug Enable/query debug messages trace Enable/query trace messages
[...]
switch the verbose level without restarting server > very interesting feature which I would have used yesterday (If i have this command !) during a support session with a sysadmin of my company !
As always you can find the source code in my 3.1 git repository and all feedbacks are very welcome.
best,
Marton
PS: I know slngctl might not be the best name, so I offer a bier to anyone suggesting a better name when visiting us in Budapest, Hungary. :)
May be as for named (named-checkzone, named-checkconf) or apache 2 (a2ensite, a2dissite, a2enmod, a2dismod), a command by functionnality may be more readable : syslogng-trace / syslogng-stats etc.
Thanks for this functionality. I'm going to integrate this into OSE 3.1 as it doesn't affect the stability of the main syslog-ng binary. I guess I'm going to name this "syslog-ng-ctl" as I don't like abbreviating syslog-ng into slng and we lack a common prefix for our binaries (syslog-ng, pdbtool, loggen, lgstool...) Hope I get to integrate this soon. -- Bazsi
On Thu, 2010-01-14 at 10:15 +0100, Balazs Scheidler wrote:
On Thu, 2010-01-07 at 15:59 +0100, Christophe Brocas wrote:
ILLES, Marton a écrit :
Hi,
PZolee wrote a quite lengthy blog post on troubleshooting and debuging syslog-ng [1] back in December 2009. It popped into my mind that running syslog-ng with debug/trace/verbose option enabled is very handy, but sometimes you do not want to stop syslog-ng just to restart it in a more verbose mode. My idea was to enable syslog-ng to real-time modify these verbosity settings through the control socket which is currently only used for exporting statistical information.
I extended the control socket communication to have the ability of modify these logging settings. To make life easier I have created a small utility called slngctl which can be used to communicate with the running syslog-ng process. Using slngctl it also easy to query the statistics collected by syslog-ng. Also on longer term I think other useful small features could be added the slngctl.
slngctl commands:
marci@octane:$ slngctl Possible commands are: stats Dump syslog-ng statistics verbose Enable/query verbose messages debug Enable/query debug messages trace Enable/query trace messages
[...]
switch the verbose level without restarting server > very interesting feature which I would have used yesterday (If i have this command !) during a support session with a sysadmin of my company !
As always you can find the source code in my 3.1 git repository and all feedbacks are very welcome.
best,
Marton
PS: I know slngctl might not be the best name, so I offer a bier to anyone suggesting a better name when visiting us in Budapest, Hungary. :)
May be as for named (named-checkzone, named-checkconf) or apache 2 (a2ensite, a2dissite, a2enmod, a2dismod), a command by functionnality may be more readable : syslogng-trace / syslogng-stats etc.
Thanks for this functionality. I'm going to integrate this into OSE 3.1 as it doesn't affect the stability of the main syslog-ng binary. I guess I'm going to name this "syslog-ng-ctl" as I don't like abbreviating syslog-ng into slng and we lack a common prefix for our binaries (syslog-ng, pdbtool, loggen, lgstool...)
Hope I get to integrate this soon.
This happened sooner than I thought, so I'm happy to tell everyone that both the pdbtool colorization stuff, and syslog-ng-ctl were integrated to syslog-ng OSE 3.1 tree. And I'd be really happy if I could get some 3.1 related feedback, positive or negative both appreciated. So if you have only a little time, it'd be great if you could: * just compile syslog-ng in your environment, to make sure we didn't break any of the supported platforms * try it with your favourite configuration file, did we break something? * putting it under some real-world stress would be a real benefit The first two things would only take minutes assuming you compiled syslog-ng yourself and you still have the environment. I hope to get this released without the "beta" tag rather sooner than later. Thanks for any help. -- Bazsi
participants (3)
-
Balazs Scheidler
-
Christophe Brocas
-
ILLES, Marton