JSON logging, to Splunk

Mark Martinec Mark.Martinec+amavis at ijs.si
Mon Oct 6 15:41:20 CEST 2014


Patrick,

> Further testing yields a positive result. Script behaves
> flawlessly, Splunk won't show new events immediately, but will
> eventually index and display them (probably because it's a very low
> traffic MX server).
> 
> Thanks Mark for the great work.
> regards,
> Patrick PRONIEWSKI

If it's a low-traffic server, turn on autoflush in the perl
program (add a line:  $| = 1;  somewhere near the beginning).
This way it will write each line immediately to stdout,
instead of buffering the output:

--- logfeeder-redis2stdout.pl~  2014-05-08 17:47:13.898140766 +0200
+++ logfeeder-redis2stdout.pl   2014-10-06 15:38:09.852551962 +0200
@@ -16,2 +16,3 @@

+$| = 1;
  binmode(STDOUT,':bytes') or die "Can't set STDOUT to bytes mode: $!";
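
Review bot: The added `$| = 1;` at new line 17 carries no comment and depends on STDOUT being the currently selected output handle, because `$|` acts on whichever handle `select` last chose. Consider naming the handle explicitly with `STDOUT->autoflush(1);` (plus `use IO::Handle;`), or at least add a short comment such as `# flush each log line immediately`, keeping it next to the `binmode(STDOUT,':bytes')` call so both STDOUT settings are read together.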



Mark
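
The buffering effect described in this message, as an added example that is not part of the original post or of logfeeder-redis2stdout.pl: it measures how long a reader on a pipe waits for the first line from a quiet writer, with and without autoflush. The helper `first_line_delay`, the sample JSON line and the 2-second quiet period are constructed, and it assumes the feeder's stdout is a pipe rather than a terminal.

```perl
#!/usr/bin/perl
# Added example: delay seen by a pipe reader for the first line written by a
# low-traffic process, with and without autoflush on the writer's STDOUT.
use strict;
use warnings;
use IO::Handle;
use Time::HiRes qw(time sleep);

# Fork a writer whose STDOUT is a pipe (assumption: this is how the log
# collector reads the feeder). Returns seconds until the first line arrives.
sub first_line_delay {
    my ($autoflush) = @_;
    pipe(my $rd, my $wr) or die "pipe failed: $!";
    my $pid = fork();
    die "fork failed: $!" unless defined $pid;
    if ($pid == 0) {                          # child: stands in for the feeder
        close $rd;
        open(STDOUT, '>&', $wr) or die "Can't dup pipe to STDOUT: $!";
        STDOUT->autoflush(1) if $autoflush;   # same effect as $| = 1
        binmode(STDOUT, ':bytes') or die "Can't set STDOUT to bytes mode: $!";
        print STDOUT qq({"event":"constructed sample"}\n);
        sleep 2;                              # quiet period, no further events
        exit 0;                               # without autoflush, data leaves only here
    }
    close $wr;                                # parent keeps only the read end
    my $t0   = time;
    my $line = <$rd>;                         # blocks until a full line arrives
    my $delay = time - $t0;
    waitpid($pid, 0);
    die "no line received" unless defined $line;
    return $delay;
}

# Measure both cases before printing, so the parent holds no buffered
# output of its own at the moment it forks.
my $buffered  = first_line_delay(0);
my $autoflush = first_line_delay(1);
printf "buffered : first line after %.2f s\n", $buffered;
printf "autoflush: first line after %.2f s\n", $autoflush;
```

On a busier server the buffer fills and drains on its own, which is why the delay shows up mainly on low-traffic hosts.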


More information about the amavis-users mailing list