[logs] EventLog 0.1.2

From: Balazs Scheidler (bazsiat_private)
Date: Fri Jan 10 2003 - 01:57:14 PST

  • Next message: Rainer Gerhards: "RE: [logs] RE: syslog/tcp (selp)"

    I have released version 0.1.2 from EventLog which has the following
    important changes:
    NEWS for the 0.1.2 release
            Fri, 10 Jan 2003 10:15:48 +0100
            Added two implementations of the syslog wrapper (macro and dlsym
            The dlsym() based can be enabled by configure-ing with the
            --enable-dlsym-wrapper option.
            The macro based can be used by defining the symbol
            EVENTLOG_SYSLOG_MACROS preprocessor symbol prior to including
    Additionally a couple of documentation updates was performed. The whole
    library was relicensed under the terms of a BSD-like license was performed.
    The library is available at
    A more detailed description of the syslog wrapper is below:
    Syslog compatibility
    Most UNIX systems and therefore the programs running under UNIX use the
    syslog() API found in the libc for logging. Because of the large installed
    base it is worth supporting legacy applications before they are converted to
    use EventLog.
    Two different implementations of syslog compatibility is provided: macro and
    linker based.
    * Macro based compatibility
      This works by defining the syslog() function names as macros to refer to 
      the compatibility functions found in EventLog. To use the macro based
      wrapper you will need to recompile the program from source:
        $ cc -DEVENTLOG_SYSLOG_MACROS syslogapp.c -levtlog
    * Linker based compatibility
      Some dynamic linker implementations (most notably: Linux and Solaris)   
      support symbol overloading. EventLog can use this feature if the dlsym()
      function is present which supports RTLD_NEXT to fetch symbols hidden by
      EventLog itself.
      To enable this wrapper configure EventLog with the --enable-dlsym-wrapper
      configure option. To use the wrapper you simply need to preload the
      event log shared object like:
       $ LD_PRELOAD=/usr/lib/libeventlog.so.0 syslogapp
      Where syslogapp is the program to be run. As you can see the application
      itself did not need to be recompiled.
    PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
    LogAnalysis mailing list

    This archive was generated by hypermail 2b30 : Fri Jan 10 2003 - 10:31:07 PST