Hi list, bear with a *nix newbie implementing a *nix syslogd ;). I have added support for /dev/log to my liblogging. I am currently testing under Red Hat Linux and I am also reading the sysklogd package as a reference alongside. I am looking now at the log file entries generated. As it looks, a standard logger generated message has this format: Oct 1 17:56:57 rh9lt rger: test 2 Whereas a message sent from a remote machine has this format: Oct 1 17:56:44 172.19.1.20 wsrger rger: test 1 As it looks, logs from remote machines have the remote machine name (wsrger in the sample above) in them. This is the format I expected according to the RFCs. However, locally-generated messages have no host name in the message itself (the hostname you see above is added by the syslogd itself [when calling printchopped()]). On the "wire" (recv from Unix Domain Socket), I see this message: <13>Oct 1 18:02:32 rger: test 4 So, as far as the packages I am currently using, I think this description is correct. Question now: is this the same on other *nix variants? I would appreciate if those of you doing analysis on heterogeneous favors could let me know. I am asking, because I would like do my implementation in the "most common/natural way". If there are differences, I may even need to add config switches to support them. Any feedback is highly appreciated. Many thanks, Rainer _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Wed Oct 01 2003 - 17:56:15 PDT