From: "Nikola Vlahović" <root.admin1@zg.t-com.hr>
To: linux-c-programming@vger.kernel.org
Subject: Read from log file - daemon - how?
Date: Thu, 12 Jan 2006 00:23:37 +0100
Message-ID: <43C59379.4010907@zg.t-com.hr>
Hi,
I would like to make a daemon in C for watching and processing log files
(GPL of course :)))))
and I have some problems......
1) If I open some log file like /var/log/messages for read with fopen
... how do I get new changes that are generated in time ..... like new
system messages or something else......
2) If I open a file for reading and don't append any kind of lock to
that file (log is the file...) are there any implications ....
(problems for the log-generating daemon or something...)
3) What is the preferred way, used functions, else ....... to approach
this problem......
My daemon would be used for creating a large database of information on
some kind of RD (like mysql) from all kinds of log files, messages,
httpd, mail and others ..... and then processed and used for creating
automated defence policy methods based on this info, like creating an
IPTABLES entry for a host that is generating too much aggressive traffic
like scanning, mail account hacking, enumeration or something else.....
I intend to make such a system for use in small or medium networks for
automating the defence procedure using several hosts......
If one system detects an attack and creates a database entry and sends
a message, other systems can use this info and protect themselves
against the attack; later the database information can be used for
creating attack statistics, attack prediction, attacker habits (usual
times of attack and similar....)
tnx,
nikola.
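
For question 1 above, one common approach is to poll the file while tracking the read offset and inode, so that log rotation and in-place truncation are both handled. The C code below is an added example, not part of the original message; the names `follower_open` and `follower_poll` are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

struct follower { const char *path; int fd; ino_t ino; off_t pos; };

/* Open read-only with no lock; a reader does not disturb the writing daemon. */
int follower_open(struct follower *f, const char *path, int from_end)
{
    struct stat st;
    f->path = path;
    if ((f->fd = open(path, O_RDONLY)) < 0 || fstat(f->fd, &st) < 0)
        return -1;
    f->ino = st.st_ino;
    f->pos = from_end ? st.st_size : 0;   /* from_end: skip existing lines */
    return 0;
}

/* Copy newly appended bytes into buf; 0 means nothing new yet, -1 is an error. */
ssize_t follower_poll(struct follower *f, char *buf, size_t len)
{
    struct stat st;
    ssize_t n;
    if (fstat(f->fd, &st) == 0 && st.st_size < f->pos)
        f->pos = 0;                       /* truncated in place: start over */
    n = pread(f->fd, buf, len, f->pos);
    if (n > 0) f->pos += n;
    if (n != 0) return n;
    /* At EOF: if the path now names another inode, the log was rotated. */
    if (stat(f->path, &st) < 0 || st.st_ino == f->ino)
        return 0;
    close(f->fd);
    return follower_open(f, f->path, 0) < 0 ? -1 : follower_poll(f, buf, len);
}

int main(int argc, char **argv)
{
    struct follower f;
    char buf[4096];
    ssize_t n;
    if (argc != 2 || follower_open(&f, argv[1], 1) < 0)
        return 1;
    while ((n = follower_poll(&f, buf, sizeof buf)) >= 0) {
        if (n > 0) fwrite(buf, 1, (size_t)n, stdout);
        else sleep(1);                    /* idle: poll again in a second */
    }
    return 1;
}
```

The old descriptor is kept open until the path resolves to a different inode, so lines written to the renamed file before the writer reopens its log are still read.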