[syslog-ng] Understanding Sources & Destinations

Jim Hendrick jrhendri at roadrunner.com
Fri Apr 10 14:59:24 CEST 2015


    
This could be used, for example, to process historical log data as part of an investigation. Say you have a search tool (like ELK or something that needs preprocessing to JSON, SQL, etc.). Being able to send those logs through a command line version that does the exact same processing as the real-time one would be extremely valuable.

Jim



-------- Original message --------
From: "Scheidler, Balázs" <balazs.scheidler at balabit.com> 
Date: 04/10/2015  12:39 AM  (GMT-05:00) 
To: Syslog-ng users' and developers' mailing list <syslog-ng at lists.balabit.hu> 
Subject: Re: [syslog-ng] Understanding Sources & Destinations 

Hi,
The command line tool should work primarily between stdin/stdout, just like, for instance, awk.
We may make it possible to fire up TCP listeners, but the primary use-case is batch processing already received data.
Another use case is to debug configuration snippets in a faster way than the edit/reload/test cycle that normal syslog-ng offers.
On Apr 10, 2015 12:55 AM, "Asadullah Hussain" <asadxflow at gmail.com> wrote:
Hi Guys,
I am working to understand the task of developing syslog-ng as a command line tool (GSoC2015), and I am trying to figure out what "possible outputs" the command line tool will take. As per my understanding, the inputs & outputs to syslog are defined as Sources & Destinations (which are places where applications output their logs from respectively).
I have read the documentation about sources & destinations ([Table 6.2](http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.6-guides/en/syslog-ng-ose-guide-admin/html-single/index.html#chapter-sources)), and my understanding is that syslog has the following 3 types of sources: files, streams on TCP/IP sockets and stdout from a program,
and 3 types of destinations: files or remote hosts (TCP/IP socket) and applications (mentioned in section 7).
So are these all the possible types of inputs/outputs that syslog-ng can have, which have to be supported by the command line tool? Or am I missing some points?
-- 
Cheers, 
Asadullah Hussain

