On Sun, Jun 23, 2024 at 03:00:02PM -0400, Theodore Ts'o wrote:
On Sun, Jun 23, 2024 at 11:47:52AM +1000, Alexis wrote:
Dave Horsfall <dave(a)horsfall.org> writes:
My server runs Sendmail, and I have no idea what "journalctl" is (it
sounds Penguin-ish, which I definitely don't run).
It's systemd's program for accessing the binary logs it generates. So, yes,
it's Penguin, in the sense that systemd is explicitly not supported on
anything other than Linux.
Systemd certainly isn't a pioneer in terms of binary log files. The
first such "innovation" that I can think of is Ultrix's (and later
OSF/1 and Tru64)'s uerf (Ultrix error report formatter). AIX also had
binary error logs that needed to be decoded using the errpt command.
And Solaris's audit logs are also stored in a binary format.
AIX sort of gets a pass here on account of being on the weird side
to begin with and bonus points for not using DB/2 for primary log
storage ;-)
All of these "innovations" consider it a Feature that it becomes
easier to store and filter on structured data, instead of trying to
write complex regexes to pull out events that match some particular
query.
Except you now have to do the additional step of extracting the
data from the binary logs and _then_ apply the regex filter you
were going to use in the first place, which makes the logs less
accessible. All of my systemd running machines still get rsyslog
plugged into it so it can deliver the logs to my central log host
(which then dumps them into PostgreSQL) - and to enable a quick
rummage in the local logs via less & grep.
Kind regards,
Alex.
--
"Opportunity is missed by most people because it is dressed in overalls and
looks like work." -- Thomas A. Edison