5

I am learning linux programming and want to do the following. I would like to create a mini-logger that will work like syslog. I want to be able to replace syslog (not in practice but just to understand at every level how things work).

So in my code, I would write

#include "miniLogger.h"

....
....
miniLogger(DEBUG, "sample debug message");

----
----

Now, I am guessing I would need some kind of daemon to listen for incoming messages from my miniLogger and I have no experience with daemons. Can you point me in the right direction or give me a quick overview how messages can move from my API into a configurable destination. I read the man pages but I need more of an overview of how APIs communicate with daemons in general.

culix
  • 10,188
  • 6
  • 36
  • 52
Andrew
  • 53
  • 4

2 Answers2

10

syslogd listens for log messages over /dev/log, which is a unix domain socket. The socket is datagram-oriented, meaning the protocol is similar to udp.

Your log daemon should open the socket, set the socket to server mode, open a log file in write mode, ask to get notified of packets, parse the messages safely, and write them to the file. The important system calls for doing socket io are described in man 7 socket. To get notified of incoming data on the socket, you can use epoll or select.

Tobu
  • 24,771
  • 4
  • 91
  • 98
  • Thanks so much. I now have my weekend set to do this. Thanks again for your clear, relevant and consise explanation. – Andrew Nov 24 '10 at 21:04
  • syslogd can also listen on TCP or UDP port 514 (traditionally UDP, some newer syslog daemons support also TCP), for remote logging. – ninjalj Nov 24 '10 at 21:14
1

syslog commonly uses a PF_LOCAL socket at /dev/log.

user502515
  • 4,346
  • 24
  • 20