[Mono-list] UnixStream/Pipe Best Practices

Ben Timby ben at gohelios.com
Mon Nov 13 17:48:31 EST 2006

Easiest way is likely to configure syslog-ng with a destination of type: 
unix-stream for your firewalls events.

source firewall {
         udp(ip( port(5000));

destination parser {

log {

You can then use the UnixStream to read the incoming data...

int fd = Syscall.open ("/var/firewall-parser", OpenFlags.O_RDONLY);
UnixStream fs = new UnixStream (fd);

int n;
while ((n = fs.Read(...)) != 0)
	//do something with your data...

I don't know when this particular class would return EOF (0) from the 
Read method. My guess is when the remote end closes the stream. Your 
read operations will likely block until data becomes available from 
syslog-ng. If this is not the case, I would be happy to help you 
research this.

Michael Schurter wrote:
> Now I'd like to streamline the process. I don't know much about Unix
> streams/sockets/pipes (obviously), but it seems like the easiest way to
> pipe data from syslog-ng to my Mono program (which I would run as a
> service).
> The example for UnixStream looks simple enough, but I don't know the
> best practice for using that in a service.

Ben Timby
Senior Software Architect
Helios, LLC
(p) 317-554-3619
(f) 317-554-8997
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3233 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.ximian.com/pipermail/mono-list/attachments/20061113/d6fcba11/attachment-0001.bin 

More information about the Mono-list mailing list