Syslog hander limited to UDP on Windows

721 views Asked by At

I am using a logging configuration file with a Syslog handler. I am using nxlog. The documentation says "On Windows, you pretty much have to use the UDP option".

[handler_syslogHandler]
class=handlers.SysLogHandler
level=DEBUG
formatter=syslogFormatter
args=(('localhost', 1514), handlers.SysLogHandler.LOG_LOCAL5, 1)

Note that using socket.SOCK_STREAM raises an exception NameError: name 'socket' is not defined so I had to replace the numeric equivalent in the args list.

Could you provide more details about the remark in python docs? Why only UDP on Windows?

3

There are 3 answers

0
Peter Brittain On BEST ANSWER

I suspect that this documentation is just out of date/understating your options... Back when syslog was first implemented there was only one network transport for it and that was UDP. However if you used UNIX and had a local syslog daemon, you could use domain sockets to send logs to that server.

In those times, therefore, the only real option for Windows was to use UDP sockets (as Windows doesn't have domain sockets). However since 2009, there have been other options as other transports have become available and then made available in Python.

To be doubly sure, I just checked out your config file on my Windows installation and it's fine. The socket error is simply that it doesn't recognize the name and Python was still perfectly happy to try to connect to the TCP socket.

2
oozie _at_ concourse.farm On

Unix domain sockets are not a thing in Windows, for that reason other than UDP port 514 there is no supported interface to syslog. Windows wizards could probably come up with a way to emulate domain sockets as an IPC mechanism with pipes or Component Object Model (COM), but as a non-standard solution it wouldn't work from system to system.

1
b0ti On

SOCK_STREAM is for TCP. You want SOCK_DGRAM for UDP.

Why only UDP on Windows?

Both TCP and UDP are available on windows, Unix Domain Socket isn't.