[syslog-ng] connecting to syslog-ng
Alexander Clouter
ac56 at soas.ac.uk
Sat Sep 23 12:07:14 CEST 2006
Hi,
Torsten Curdt <tcurdt at vafer.org> [20060923 09:35:30 +0200]:
>
> >2. you can 'tune in' to the logging messages you want from anywhere
>
> Haha! :-)
>
> >I think its the latter that you would be interested in particularly.
> >Although I have multicast logging setup here at work I have yett to get
> >around to write the 'tuning in' perl script that will stream the logs to
> >the
> >local machine, so what you would type on the developer machines is:
> >
> >$ ./syslog-mc.pl 239.239.12.13 514 | grep cheese
>
> That would be awesome! Exactly what I was after. Was more
> thinking about a standard tcp/udp connection but why not multicast...
>
Well you will need multicast support if you have to cross subnet's/routers
however if its all on the same subnet you could get away with the recent
broadcast support added and pick your particular log by port number. The
disavantage of this is that *every* machine on the subnet will receive the
packets whether they want them or not.
The multicast approach obviously is cleaner for several reasons, also if you
have developers wanting to do this from across a VPN then multicast is the
only way to go about doing this.
> >which would display live all the lines with cheese that are being streamed
> >to the multicast address 239.239.12.13 (port 514).
> >
> >If you grovel suitably I'll get around to writing[1] the tuning in script
> >sooner rather than later ;)
>
> Hehehe
>
> >Is this what you are after? syslog-ng would still run on the logging box
> >but you would broadcast to multicast groups your streams.
>
> This sounds pretty good! ...I will check with my folks and then might begin
> to grovel ...or to contribute ;-)
>
Its actually rather straight forward to do and its only something I have not
done yet as the logging cluster is not being extensively used yet. If
someone else has a use for it then I'll get around to it sooner rather than
later.
However if you cannot wait it seems someone has made a multicast enabled
netcat:
http://code.google.com/p/mnc/
You will be able to use this to do something very similar, it also says that
it works under windoze aswell.
Cheers
Alex
> cheers
> --
> Torsten
> _______________________________________________
> syslog-ng maillist - syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>
More information about the syslog-ng
mailing list