[syslog-ng] Destination program behavior
Gaetan Lord
syslog-ng at gaetanlord.ca
Sun Oct 12 16:25:02 CEST 2008
Hi,
I try to define a log parser. The idea is to monitor every lines for
specific pattern and run action command.
My config lines are
destination syslog_parser { program("/usr/local/bin/test_syslog"); };
log { source(src); destination(syslog_parser); };
To test syslog-ng, I wrote a basic shell script, which only contain
/bin/echo "This is a test" | /usr/bin/wall
and exit
This should issue a "wall" command on every lines written in the syslog
I test it with the command "logger", and this do not work.
I have the following syslog-ng error when I start it.
Oct 10 13:04:00 minime1 syslog-ng[5470]: io.c: do_write: write()
failed (errno 32), Broken pipe
Oct 10 13:04:00 minime1 syslog-ng[5470]: pkt_buffer::do_flush(): Error
flushing data
I'm currently running version 1.6 from SLES10, syslog-ng-1.6.8-20.18 for IA64
I red the documentation provided by the package, and saw the following
NOTE: the program is executed once at startup, and kept running until
SIGHUP or exit. The reason is to prevent starting up a large number of
programs for messages, which would imply an easy DoS.
My script is meant to run once and exit. Could it be the problem.
Is there any way to achieve what I want. I'm aware about the DoS,
but in this case, there it's not a problem.
Thank you
--
Spike Milligan - "All I ask is the chance to prove that money can't
make me happy."
More information about the syslog-ng
mailing list