[syslog-ng] unix-dgram for Linux syslog stream
ZeroUno
zerozerounouno at gmail.com
Fri May 8 16:19:36 CEST 2015
Hi,
I've read some old discussions about unix-dgram vs unix-stream for
getting the /dev/log syslog stream on Linux (e.g.
https://bugs.archlinux.org/task/22153), but some years have passed by
and I'd like to be sure my configuration is safe.
I'm using syslog-ng 3.2.5 on a system composed of different Linux
(RHEL6) machines. I cannot install a different version.
There is a central log facility, but each machine collects and sends its
logs using the following source config:
source src {
file ("/proc/kmsg" program_override("kernel: "));
unix-dgram ("/dev/log" flags(no-multi-line));
internal();
};
It was originally using unix-stream(), but I need to change it to
unix-dgram() because some custom applications are sending multiline
messages which need to be converted into single line, and unix-stream()
does not support this flag.
Can I be sure that no messages risk to be lost due to this change?
This is a rather critical application.
Thank you very much.
--
01
More information about the syslog-ng
mailing list