syslog to app

Rob Wehrli rwehrli@azpower.com
Fri, 13 Oct 2000 08:30:25 -0700 

der.hans wrote:
> 
> Am 12. Oct, 2000 schwäzte sinck@ugive.com so:
> 
> > Try watching the inode and seeing if it changes, then readdir to grab
> > the old and new file names.  (Old for guaranteeing you got all the
> > input, new for, well, you guessed it....)
> 
> Good idea! I hadn't thought of that. I've gotten it working bypassing
> syslog altogether, which is better. I will, however, be looking at using
> syslog in case the other way breaks :).
> 
> danke,
> 
> der.hans

Sorry for coming into the middle of this thread, so please excuse me if
I'm talking out of my okole...however:

A more suited approach may be to set up your system so that syslogd
doesn't truncate the files at all.  Then, your log parsing app can send
syslogd a command to truncate or (if needed) manage the log file
truncation itself.

I'd probably want to set up my application as a recipient of syslogd's
output rather than greping through the logs themselves.  That way, the
log files are left intact and I don't have to worry about them at all. 
I'm also not consuming a lot of processing time by batching the work at
some interval.  If you're setting up your app as a "batch processing"
activity through cron, then parsing the logs makes sense...however, why
not simply create a daemon process that waits for input from syslog and
processes in "real time?"  I guess it all depends on what you're trying
to do with the logs...and whether or not the information is something
you need to act upon right away.  An even better method could be to
simply use syslogd's facilities to filter those messages of importance
to you and email them to you.  A simple user account set up solely to
receive messages from syslogd could host the incoming messages and your
app can easily bang against your local 110 port to retrieve them.  There
are tons of freeware POP/SMTP client code out there for you to use,
however, it is even very easy to implement these simple protocols
yourself.  You can easily find example code in C, C++, PERL, shell
scripts, Tcl and probably a dozen others.  Just about any decent CGI
library (C and PERL come to mind) will have examples of getting and
sending Email messages.

Anyway, these thoughts might be useful to you as you go about getting
what you need out of your logging functions.  Hope this helps in some
small way.

Take Care.

Rob!