0

In my system i am having rsyslog daemon running. I tried to configure syslog.conf to sent all authentication mail to a particular file using the line

auth.*;authpriv.* /var/log/AuthLogs

its working. Now i want to send these messages to a process. The process will be ready to capture the logs. previously i was using syslogd daemon. In that i was able to send the log using the line below

auth.*;authpriv.* |exec /usr/bin/read.exe

But the same is not working with rsyslogd. Do any one have any clue how to do this?

UPDATE: Particularly this issue happens with python scripts ex code: 

#!/usr/local/bin/python import sys import fcntl, os message = sys.stdin.readline() # Read what's waiting, in one go if not message: print "nothing in message\n" fd = open('/tmp/testrsyslogomoutput1.txt', 'a') fd.write("Receiving log message : \n%s\n" % (message)) fd.close()

This python code i want to invoke through rsyslog.

Improve this question

2 Answers 2

Reset to default
1

I'Am checked Google and found this answer. I've checked example and found that in your case, you should change you string to:

auth.*;authpriv.* ^/usr/bin/read.exe

Update: I created simple script that contained only echo $1 >> /var/log/tt.log. After this I see in log file all messages passed to this script.

Improve this answer
3
  • This will defnitely execute the command. But i need to pass the message also to the command. Commented May 26, 2017 at 13:09
  • @joseph it actually pass message to the command. See updated answer. Commented May 26, 2017 at 13:16
  • thanks for your support. For bash scripts its running. But i want it to run for python scripts. its not running for python scripts Commented Jun 6, 2017 at 2:19
1

Depends whether you want to invoke an external program for each instance of a matching message (in which case the `^command' functionality should work for you getting the log message as a parameter).

If you want to pass all matching messages to the standard input of a long running program then I think you want rsyslog's `omprog' functionality. See http://www.rsyslog.com/doc/v8-stable/configuration/modules/omprog.html for full details. Example config (from that page) ...

module(load="omprog") action(type="omprog" binary="/pathto/omprog.py --parm1=\"value 1\" --parm2=\"value2\"" template="RSYSLOG_TraditionalFileFormat")
Improve this answer
1
  • I tried this but its not working. I think omprog libraries are not there in my system. Commented Jun 6, 2017 at 2:19

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.