On Wed, 22 May 2019, DOR Nelly wrote:
Thank you ! It does give me somewhere to start. I take it the rest can be
understood by going to the files holding those imuxsock and omfile ?
for the level of detail you seem to be looking for, that is probably the only
place.
On another note, I came across the comment, inside the source code, that the
imuxsock part was no longer used because now the program used Unix datagrams.
Is that still the case... ?
Granted it might have been in the code for syslogd.
I don't know about that, but most linux distros have systemd on them, so you end
up using imjournal more than imuxsock (both have their problems, journald was
not really designed for performance or to play well with others), but outside of
the systemd case, imuxsock is very commonly used.
David Lang
Thanks again
Nelly DOR
On Tuesday, May 21, 2019 19:41 CEST, David Lang <[email protected]> wrote:
quick version:
There are two types of config statements
startup statements
module loads
input definitions
global definitions
ruleset actions
actions
conditionals
functions
input modules accept messages (source depends on the module) and add them to a
queue (mail queue by default, but it could be a queue on a ruleset)
a worker thread goes through all the config items in a ruleset (default ruleset
by default, but you can define an input to invoke a different ruleset). This
includes the action() calls that invoke message modification and output modules,
and it's these modules that deliver the messages to all destinations.
imuxsock is the module that reads /dev/log
omfile is the module that would write to /var/log
does this answer your questions?
David Lang
On Tue, 21 May 2019, DOR Nelly via rsyslog wrote:
Date: Tue, 21 May 2019 15:13:00 +0200
From: DOR Nelly via rsyslog <[email protected]>
To: rsyslog-users <[email protected]>
Cc: DOR Nelly <[email protected]>
Subject: [rsyslog] Rsyslog - how it works
Hello,
I am currently trying to evaluate the portability of Rsyslog to exokernel-like
systems. I did not, however, find descriptions of the inner workings of the
software in its documentation. As exploring the source code doesn't help me
much at this stage, is there someone who could point me to sites or documents
that actually tell of the system routines that are used ? Or, if possible,
explain the different steps the program takes in order to fetch messages from
the /dev/log socket and deliver them to /var/log.
I do understand how the rsyslog config file is organized, how the message selection rules
work, etc. I can't see the "road" the program takes to use this config file in
order to do its work, or why it's organized the way it is : which functions create the
initial socket, how are the system calls and functions linked to one another, etc. In
other words, I don't understand the global pattern/diagram that illustrates how the
program actually fulfills its role...
Cheers, and thanks in advance for the help !
Nelly DOR
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
--
Nelly DOR
ISAE SUPAERO - Institut Supérieur de l'Aéronautique et de l'Espace
10 avenue Edouard Belin - BP 54032 - 31055 TOULOUSE CEDEX 4 FRANCE -
http://www.isae-supaero.fr
Plan d'accès/Access map
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
