[Mono-list] UnixStream/Pipe Best Practices
Ben Timby
ben at gohelios.com
Mon Nov 13 17:48:31 EST 2006
Easiest way is likely to configure syslog-ng with a destination of type:
unix-stream for your firewalls events.
syslog-ng.conf:
--
source firewall {
udp(ip(0.0.0.0) port(5000));
};
destination parser {
unix-stream("/var/firewall-parser");
}
log {
source(firewall);
destination(parser);
}
--
You can then use the UnixStream to read the incoming data...
C#:
--
int fd = Syscall.open ("/var/firewall-parser", OpenFlags.O_RDONLY);
UnixStream fs = new UnixStream (fd);
int n;
while ((n = fs.Read(...)) != 0)
{
//do something with your data...
}
--
I don't know when this particular class would return EOF (0) from the
Read method. My guess is when the remote end closes the stream. Your
read operations will likely block until data becomes available from
syslog-ng. If this is not the case, I would be happy to help you
research this.
Michael Schurter wrote:
> Now I'd like to streamline the process. I don't know much about Unix
> streams/sockets/pipes (obviously), but it seems like the easiest way to
> pipe data from syslog-ng to my Mono program (which I would run as a
> service).
>
> The example for UnixStream looks simple enough, but I don't know the
> best practice for using that in a service.
--
Ben Timby
Senior Software Architect
Helios, LLC
(p) 317-554-3619
(f) 317-554-8997
www.gohelios.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3233 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.ximian.com/pipermail/mono-list/attachments/20061113/d6fcba11/attachment-0001.bin
More information about the Mono-list
mailing list