syslog(3) issues
Garrett Cooper
yanegomi at gmail.com
Mon Sep 3 00:20:47 UTC 2012
On Sun, Sep 2, 2012 at 4:35 PM, Attilio Rao <attilio at freebsd.org> wrote:
> Hi,
> I was trying to use syslog(3) in a port application that uses
> threading , having all of them at the LOG_CRIT level. What I see is
> that when the logging gets massive (1000 entries) I cannot find some
> items within the /var/log/messages (I know because I started stamping
> also some sort of message ID in order to see what is going on). The
> missing items are in the order of 25% of what really be there.
>
> Someone has a good idea on where I can start verifying for my syslogd
> system? I have really 0 experience with syslogd and maybe I could be
> missing something obvious.
I'd maybe use something like rsyslog and force TCP to verify that
the messages made it to their endpoints, and if all the messages make
it to the rsyslogd daemon use tcpdump/wireshark to figure out if the
UDP datagrams (default transport layer for syslog) aren't getting
dropped on the floor.
Cheers!
-Garrett
More information about the freebsd-hackers
mailing list