Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Flush hits when no activity from stdin #368

Open
wants to merge 1 commit into
base: 5.x-dev
Choose a base branch
from
Open

Flush hits when no activity from stdin #368

wants to merge 1 commit into from

Conversation

Knyffen
Copy link

@Knyffen Knyffen commented Dec 30, 2023

Description:

The script only processes the logs after len(hits) >= options.recorder_max_payload_size * len(Recorders.recorders) valid hits are detected. With the default settings, this is 200 hits or if EOF is hit.

When the input file is stdin (e.g. when using syslog), and if used on a low traffic site, this makes it seem like nothing is happening, causing confusion (according to #258 and my own experiences) since the payload limit isn't hit and we never reach EOF.

I have added a check where if using stdin and the buffer is empty, then the current hits are sent immediately, even if we haven't reached the max payload size.

Caveats/potential issues/things to discuss:

  • Admittedly, I haven't researched the select syscall, and the detection is based on this. But I can confirm on my system using syslog-ng (sorry, but I don't have any clue on how to formally test syscalls).
  • This only works for Unix systems.
  • I wonder if there theoretically exists a potential setting where given a very high traffic site, if the script sleeps for one second then the entire stdin buffer could potentially be filled?
  • I have not added an option for toggling this feature, as it ideally should hopefully never be preferable to turn it off.

Review

@Knyffen
Copy link
Author

Knyffen commented Jan 3, 2024

Just to comment on the test that failed with python 3.5:
Regarding the failing test for python 3.5, honestly, I don't know why the test should suddenly fail, since it has file_ = 'logs/netscaler.log' and my new code only triggers if file == sys.stdin.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Knyffen