Linux – Writing to Unix Domain Socket from rsyslog


I want to write output messages from rsyslog to a Unix Domain Socket. I want to do this so that I can read the messages from that socket using my script and parse log messages further.

I tried to use omuxsock, but it was not creating any socket.

Is this possible and, if so, how do I configure rsyslog correctly to write to a socket?

Edit:

This is what I edited in /etc/rsyslog.conf:

$ModLoad omuxsock
$OMUxSockSocket /tmp/sock
*.* :omuxsock:

Best Answer

Yes, it is possible, and the given config is already correct*, as per rsyslog docs: http://www.rsyslog.com/doc/v8-stable/configuration/modules/omuxsock.html.

There is a mistaken assumption, however, in the statement "omuxsock ... was not creating any socket." omuxsock is not expected to create the socket; it expects to transmit to an existing socket. This is likely why @HBruijn suggested including the configuration "used to try setting up the socket".

Here is an example of such a setup in Python:

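import socket
# omuxsock sends datagrams, so the receiving socket must be SOCK_DGRAM
sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
# bind() creates the socket file that rsyslog will write to
sock.bind('/tmp/sock')
# Block until one message arrives, then print it
print(sock.recv(4096))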

This works with the configuration given in the question, and will block until it receives a message over the socket.

Note that omuxsock only supports SOCK_DGRAM, not SOCK_STREAM (which would have been Python's default in the example above), and thus is connection-less (think UDP not TCP).

*Assuming of course that some input mechanism has also been defined and that it's desirable for everything (not previously excluded) to be logged to the given socket.
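As an added example (not part of the original answer), here is a receiver that owns the socket file with restrictive permissions and decodes the syslog priority of each datagram. Assumptions: the socket lives in a directory only the reader controls rather than the world-writable /tmp, rsyslog runs as root or as the same user as the reader, and each message starts with a `<PRI>` field as in rsyslog's forwarding templates; `open_receiver`, `parse_pri` and `demo` are names chosen here.

```python
import os
import re
import socket
import stat
import tempfile

# Assumption: each datagram begins with "<PRI>", where PRI = facility * 8 + severity.
PRI_RE = re.compile(rb"^<(\d{1,3})>")
SEVERITIES = ("emerg", "alert", "crit", "err", "warning", "notice", "info", "debug")


def open_receiver(path):
    """Bind the SOCK_DGRAM Unix socket that omuxsock expects to already exist."""
    if os.path.lexists(path):
        if not stat.S_ISSOCK(os.lstat(path).st_mode):
            raise RuntimeError(f"{path} exists and is not a socket")
        os.unlink(path)  # stale socket left by a previous run
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    old_umask = os.umask(0o177)  # socket file is created 0600: owner-only writers
    try:
        sock.bind(path)
    finally:
        os.umask(old_umask)
    return sock


def parse_pri(datagram):
    """Return (facility, severity_name, rest); (None, None, datagram) if no valid PRI."""
    m = PRI_RE.match(datagram)
    if not m or int(m.group(1)) > 191:
        return None, None, datagram
    pri = int(m.group(1))
    return pri >> 3, SEVERITIES[pri & 7], datagram[m.end():]


def demo():
    """Offline round trip: a local sender stands in for rsyslog's omuxsock."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sock")
        rx, tx = open_receiver(path), socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        with rx, tx:
            tx.sendto(b"<38>Jan  1 00:00:00 host app[1]: constructed sample", path)
            return parse_pri(rx.recv(65535)), stat.S_IMODE(os.lstat(path).st_mode)


if __name__ == "__main__":
    print(demo())
```

If rsyslog drops privileges to a different non-root user, the socket file needs group write access for that user instead of the 0600 mode used here.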