[systemd-devel] Looking for experiences formalizing an API for journal messages
Dimitri John Ledkov
dimitri.j.ledkov at intel.com
Wed Jul 29 20:05:08 PDT 2015
On 29 July 2015 at 20:02, Anne Mulhern <amulhern at redhat.com> wrote:
>
>
>
>
> ----- Original Message -----
>> From: "Lennart Poettering" <lennart at poettering.net>
>> To: "Anne Mulhern" <amulhern at redhat.com>
>> Cc: systemd-devel at lists.freedesktop.org
>> Sent: Thursday, July 23, 2015 9:21:44 AM
>> Subject: Re: [systemd-devel] Looking for experiences formalizing an API for journal messages
>>
>> On Thu, 23.07.15 09:17, Anne Mulhern (amulhern at redhat.com) wrote:
>>
>> > Hi!
>> >
>> > We all know that using the journald native API it is possible to enrich the
>> > log
>> > entry data w/ key/value pairs, although this facility is Linux only.
>> > The set of key/value pairs which a message may log to the journal can
>> > constitute an API with which a logging entity can communicate alerts to
>> > consumers
>> > of this information. Clearly this requires an agreement on an API between
>> > the logging
>> > entity and the consumer of the journal entries.
>> >
>> > Are there existing projects that have used this facility in a principled,
>> > coordinated way with some success or have there been any interesting
>> > failures
>> > along those same lines?
>>
>> systemd of courses uses its on its own, and we tried to document
>> the fields we use in systemd.journal-fields(7), though it might be
>> slightly incomplete.
>>
>> But yes, this is indeed API, and deserves complete documentation, like
>> any C API, any D-Bus API or a any REST API would need too.
>>
>> Lennart
>>
>> --
>> Lennart Poettering, Red Hat
>>
>
> What I'm wondering about is the existence of some processes (not systemd), that have an
> agreement on a set of key-value pairs that they communicate with through the journal.
>
> It seems like, even though there is a mechanism for adding additional key/value pairs,
> regular expression matching is still kind of the norm.
>
> I was hoping for an inspiring counter example that uses mostly or exclusively key/value
> pairs instead of expression matching, and maybe some hints as to best practices.
I've heard of https://github.com/rsyslog/liblogging/tree/master/stdlog
but didn't look to deep into it. It supposed to do generic structured
logging for multiple destinations, one of them being journal. Maybe
it's of any help. I don't think that project is stable, nor widely
used at the moment.
--
Regards,
Dimitri.
Pura Vida!
https://clearlinux.org
Open Source Technology Center
Intel Corporation (UK) Ltd. - Co. Reg. #1134945 - Pipers Way, Swindon SN3 1RJ.
More information about the systemd-devel
mailing list