can't change the destination socket with logger?

I

id

Linux and older versions of FreeBSD logger could log to a socket other than /var/run/log with a commandline switch. Is there a way to get logger to do it or any alternatives?

Thanks,
-id
 
Look into the -l flag of syslogd(8). You can define an additional log socket wherever you like in rc.conf(5), use an unused facility like local7 in syslog.conf(5) to point logging to that socket, and tell logger to log to the local7 facility using the -p flag.

Just an example:
rc.conf
Code: 
syslogd_flags="-s -cc -l /tmp/socket"
syslog.conf
Code: 
local7.*					/tmp/socket
Code: 
# sockstat | grep /tmp/socket                                                                                                              
root     syslogd    27452 6  dgram  /tmp/socket

[cmd=]logger -p local7.info "something"[/cmd]

I'm not quite sure whether this works or not; can sockets be defined and written to like this in syslog.conf? A char device like /dev/console can be used, so maybe a socket will work here as well. The socket is not being overwritten by this logger command anyway. In other words, it doesn't suddenly turn into a file called /tmp/socket containing the line
Code: 
something

Try, I guess.
 
The issue is logger, not syslog

I'm using logger inside httpd.conf to push logs to a socket in a jail, and reading that socket via syslog-ng from the parent OS.

ie:
Code: 
ErrorLog "|/usr/bin/logger -t 'jail_apache'  -u /var/log/apache_log.socket"

which I cannot do since logger doesn't support sending data to an alternate socket.

Cheers,
-id
 
So what happens if you let it push logging to the alternate socket via the method I proposed, instead of writing to it directly? In other words: tell logger to talk to syslogd, and let syslogd handle the socket.
 
Worked

Thanks DutchDaemon, I misread your post the first time through, your method did work. I was also able to do it via tagging the packet with a unique string and letting syslog-ng's regex matching just sort them out for me. I ended up going with tagging since my goal was to not run syslogd in the jail.

Cheers,
-id
 
You must log in or register to reply here.
Back
Top