Read from auth.log file as a stream
acouvreur opened this issue · comments
Read from the auth.log file as a stream instead of having a TCP server and an RSyslog configuration
The Dockerfile will just need to map on the /var/log/auth.log file as read only.
This is good because in swarm mode it can be extended really easily to monitor all nodes.
https://github.com/lucagrulla/node-tail seems to be good for this job
Is that something you're looking to do, moving forward?
It seems to be more consistent because it would only require a single docker run
.
But it would remove the message extraction from RSyslog. Which means the parser will have to be a bit smarter. Maybe too much because the rsyslog conf may change the way the output are printed...
Also prevents from missing because tcp failed
cannot connect to 127.0.0.1:7070: Connection refused [v8.1901.0 try https://www.rsyslog.com/e/2027 ]
Abandoned?
Abandoned?
It has no real benefits and it is working with the current solution. So I'll leave it that way :)