[systemd-devel] Looking for experiences formalizing an API for journal messages
Anne Mulhern
amulhern at redhat.com
Thu Jul 30 07:56:42 PDT 2015
----- Original Message -----
> From: "Zbigniew Jędrzejewski-Szmek" <zbyszek at in.waw.pl>
> To: "Anne Mulhern" <amulhern at redhat.com>
> Cc: systemd-devel at lists.freedesktop.org
> Sent: Thursday, July 30, 2015 10:01:54 AM
> Subject: Re: [systemd-devel] Looking for experiences formalizing an API for journal messages
>
> On Wed, Jul 29, 2015 at 03:02:26PM -0400, Anne Mulhern wrote:
> > What I'm wondering about is the existence of some processes (not systemd),
> > that have an
> > agreement on a set of key-value pairs that they communicate with through
> > the journal.
>
> There was work done on converting abrt to use the journal. We extended
> our set of metadata fields for coredumps which were already used internally
> by coredumpctl (see
> http://cgit.freedesktop.org/systemd/systemd/commit/?id=3f132692e3).
> I think this work is not finished yet, because of some issues that abrt
> would have to copy the coredump file (?), but abrt is becoming an external
> consumer.
Thanks! That's a helpful datapoint.
> fail2ban has a "systemd" backend which uses the journal. It uses the
> python API for journal to add matches (the mechanism is general and
> the matches themselves are specified by filters). This is the same
> functionality
> that journalctl uses.
I did take a look at fail2ban. I didn't study it in depth, but it looks
like it processes journal entries into a different format and then does
regular expression matching on the result. So it didn't really feel like
a good example for what I had in mind.
I've been exercising the systemd-python package a little and AFAICT it's
a pretty straightforward mapping onto the journal C API, with a few extra
bits from the journalctl front-end thrown in for convenience.
>
> HTH,
> Zbyszek
>
- mulhern
More information about the systemd-devel
mailing list