Trying out systemd-journal-gatewayd
With systemd the logging is handled by journal. This means that if we want to connect up a script, we will have to connect to journal instead of syslog-ng. To this end, systemd comes with systemd-journal-gatewayd, which allows you to write subprocess that follows system logs. You could probably use journalctl -f
in a script, but connecting through the gateway seems like a much cooler solution.
Below I'll describe how to set up systemd-journal-gatewayd on Arch Linux. I assume you have already set up the use of sudo to make sure you are not constantly running around as root. If not, you may need to drop sudo
off of every command I post.
Configure systemd-journal-gatewayd to bind to localhost only
To make sure the daemon will not accept connections from anywhere in the world, we start with making it bind to localhost only. You can later change this back if you want.
Open /usr/lib/systemd/system/systemd-journal-gatewayd.socket
and change the line
ListenStream=19531
into
ListenStream=[::1]:19531
which will make sure it only binds to localhost.
Start systemd-journal-gatewayd
To start the daemon, you start the .socket
. Simply run sudo systemctl start systemd-journal-gatewayd.socket
to start the service. If all went well, you will see your logging with the following command:
curl 'http://localhost:19531/entries?boot'
If you get all the logging on screen, you are done!
However, you may run into the some problems like I did, and get curl: (56) Recv failure: Connection reset by peer
instead.
If you get an error, check the service with sudo systemctl status systemd-journal-gatewayd
. If the output is:
systemd-journal-gatewayd.service - Journal Gateway Service
Loaded: loaded (/usr/lib/systemd/system/systemd-journal-gatewayd.service; static)
Active: failed (Result: start-limit) since Sat 2013-09-07 14:42:55 CEST; 27s ago
Process: 1215 ExecStart=/usr/lib/systemd/systemd-journal-gatewayd (code=exited, status=217/USER)
then you have a problem with the user configuration. By default systemd-journal-gatewayd will try to run as the systemd-journal-gateway user and group. But, as the user does not exist we get an exit code 217. The solution is to add the user:
sudo useradd --system systemd-journal-gateway
Now we give it a second try. At this point you may run into a missing shared library. I needed to install libmicrohttpd
as well.
Now as a last check, make sure the socket is really listening to only the localhost by using ss
to check for listening sockets. The output of ss -nl
should contain a line similair to
tcp LISTEN 0 128 ::1:19531 :::*
And we are done. To make sure the service starts at the next boot, run sudo systemctl enable systemd-journal-gatewayd.socket
.
If you run into other problems or have more tips, pleas consider posting a comment. Happy hacking!