[syslog-ng] Issue with syslog-ng and Windows Server 2012

Artyom Gavrichenkov ximaera at gmail.com
Fri Jan 15 17:40:41 CET 2016


Hi all,

Since Windows Vista (and Server 2012), in NTFS, file size is updated
not when its contents are being flushed to disk, but when the last
handle to the corresponding file object is closed. More on that here:
https://blogs.msdn.microsoft.com/oldnewthing/20111226-00/?p=8813

What this means in practice is that an application log file might
already be quite large, but its reported file size will still be zero
unless some other application calls open(), read() and then close() on it.
And it seems like this breaks syslog-ng’s source() file() handler when
the filename in the file() arguments contains wildcards.

Could anyone please look into it?

| Artyom Gavrichenkov
| gpg: fa1c670e
| mailto: ximaera at gmail.com
| xmpp: ximaera at gmail.com
| tel. no: +7 916 515 49 58
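
Added example, not part of the original post and not syslog-ng code: a Python check that compares the size reported by directory enumeration with the size read through an open handle, for files matching a wildcard. The function names, and the assumption that a wildcard scan relies on directory-listed sizes, belong to this example.

```python
import fnmatch
import os
import tempfile


def compare_sizes(directory, pattern):
    """Return sorted (name, listed_size, handle_size) for files matching pattern.

    listed_size comes from the directory enumeration (on Windows, os.scandir
    serves it from the directory entry without opening the file).
    handle_size comes from an open handle; None means the file could not be
    opened, e.g. the writer holds it without read sharing.
    """
    rows = []
    with os.scandir(directory) as entries:
        for entry in entries:
            if not entry.is_file(follow_symlinks=False):
                continue
            if not fnmatch.fnmatch(entry.name, pattern):
                continue
            # Read the listed size first: opening and closing the file below
            # is the very action the post says refreshes the reported size.
            listed = entry.stat(follow_symlinks=False).st_size
            try:
                with open(entry.path, "rb") as fh:
                    actual = os.fstat(fh.fileno()).st_size
            except OSError:
                actual = None
            rows.append((entry.name, listed, actual))
    return sorted(rows)


def stale_files(directory, pattern):
    """Files whose directory-listed size disagrees with the handle size."""
    return [r for r in compare_sizes(directory, pattern)
            if r[2] is not None and r[1] != r[2]]


if __name__ == "__main__":
    # Constructed sample: a log file that is written and flushed but still open.
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "app1.log"), "wb") as writer:
            writer.write(b"event\n" * 100)
            writer.flush()
            for name, listed, actual in compare_sizes(d, "*.log"):
                print(f"{name}: listed={listed} handle={actual}")
            print("stale:", stale_files(d, "*.log"))
```

On filesystems that update the listed size as data is written, `stale_files` returns an empty list; a non-empty result points at log files a size-based scan would treat as unchanged.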

