[syslog-ng] [RFC] procfile destination

[Balazs Scheidler]

Hi,

Based on a request I have now created a new destination driver, called
"procfile".

A working PoC is available on this branch:

https://github.com/balabit/syslog-ng/tree/3.6/f/procfile

It can be used to change kernel settings dynamically, based on a trigger
within syslog-ng.

The difference between procfile() and file():

- no template in the name of the file
- processing is performed immediately as read by the source, no queueing
is performed (e.g. no loss is possible, but takes CPU time from the
source)
- opens and closes the destination file after each and every write,
writes to offset zero e.g. it doesn't append further data.

I'd be grateful if you could provide feedback around these questions or
the feature in general:

- name of the driver, right now it is called procfile as it was the
original use-case, however it works with stuff in /dev too, and might
work with simple named pipes.

- right now the file must exist and is not created (e.g. it really
requires an existing file); do we need that?

- do we need append mode in some cases

- whether we need append mode (if we think of general files, this would
probably be needed)


Thanks in advance,
Bazsi