linux c程序除了读取/ var / log中的文件外,还有另一种读取日志的方法吗?
[英]linux c program is there another way to read logs than reading files in /var/log?
问题描述
Hello dear community of stackoverflow, 
您好亲爱的stackoverflow社区,
at the moment im programming a tool in c that monitors the linux log files which can be found in /var/log, the c program reads the logs directly from the log files but reading the log files from an c program is is not very good because the user can manipulate log files or the logs got saved in different file eg instead it got saved in syslog it got saved in syslog.1. 目前,我正在用c编程工具监视/ var / log中的linux日志文件,c程序直接从日志文件中读取日志,但是从c程序中读取日志文件不是很好因为用户可以操纵日志文件或将日志保存在其他文件中,例如,而是将其保存在syslog中,所以将其保存在syslog.1中。
Because of this disadvantages i want to ask if there is any alternative in linux instead of reading the files? 由于这个缺点,我想问一下在Linux中是否有替代方法而不是读取文件? Maybe it is possible with an kernel module that catches these logs? 捕获这些日志的内核模块是否有可能?
Thank you for any answer! 谢谢您的回答!
1 个解决方案
解决方案1
0 2017-10-11 14:49:19
An alternate is to use either /proc/kmsg or /dev/kmsg . 另一种方法是使用/proc/kmsg或/dev/kmsg 。 User cannot modify these sources of logs. 用户无法修改这些日志源。 Format will be a bit different but you can change your program to adapt it. 格式会有所不同,但是您可以更改程序以适应它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.