openSUSE blog syslogng vs journald

A link to this blog just popped up in the openSUSE news feed,
Thought that the topic is important enough to repost the link here.

For those who aren’t aware of these two logging methods, the journal is the current standard method of storing and reading system (and some other) log files, essential to improving how your system runs and troubleshooting errors. In many ways, it’s a big improvement over what existed before which were individual syslog text files which requires search and parsing skills plus didn’t always have the information you needed.

As the blog describes,
This is fine if you only want to look at logs on your local machine, but this breaks down when you want to look for something across several machines in your network. Today, the systemd journal not only is mostly limited to reading local logs, as a newer technology many older at times very powerful apps don’t support collecting data directly from the journal.

To provide that traditional versatility, enter syslog-ng.
Enhanced, syslog-ng not only exports the journal log data into the older, traditional format for use with a multitude of tools, it’s also by itself a powerful tool for parsing what you want from the data.

The blog is short, and probably a worthwhile read no matter what level openSUSE User you may be.


zypper in syslog-ng
Retrieving repository 'Packman Repository' metadata .........................[done]
Building repository 'Packman Repository' cache ..............................[done]
Loading repository data...
Reading installed packages...
Resolving package dependencies...

Problem: systemd-logger-237-4.1.x86_64 conflicts with namespace:otherproviders(sysl
og) provided by syslog-ng-3.14.1-1.1.x86_64
 Solution 1: deinstallation of systemd-logger-237-4.1.x86_64
 Solution 2: do not install syslog-ng-3.14.1-1.1.x86_64

**Choose from above solutions by number or cancel [1/2/c] (c): **c


To me,
That looks like something that should be submitted to
Namespace collision errors can be missed, and should be easy for someone to fix.
If you haven’t submitted a bug before, do so and become a contributing member(and should be easy to do)!


Please, don’t laugh of me.
I never submitted a bug.
I will try.
Wish me luck.

I submitted it.

It is a good idea to post a link to the bug report here. Then others can confirm, add information, etc.

Sorry. I do not know how to proceed.
This is the link

Thanks a lot.

You’re welcome.

I have the answer.
Pick 1.:slight_smile:

The problem is that without inside information you can not be sure if it is a good idea to uninstall something else. :frowning:

It is not my idea.
The bug was closed ant this was the answer.

Option 1 might cause problems for the journal, so I wouldn’t recommend that.


This was the answer I received:

You are right (@tsu2 and @hcvv).
It seems there are another views.

Eh, did you read the article ?
FWIW running Tw here and systemd-logger is not installed at all, is it on Leap ?

Sorry, what article?
I am running Tw too.
I read only last post from the bug.

It seems that is an old issue.
And I find the answer.

Thanks Wolfi. :wink:

The article

Yes I read it from OP, thank you.
Do you mean that is probably a Tw’s issue not a Leap one.

Just a general comment.

I am using “rsyslog” with Leap 42.3. On that conflict, I went with “pick 1”. But I only had to do that, because “rsyslog” was not on the install DVD. For Leap 15.0, it looks as if “rsyslog” is on the install DVD. If you pick it at install time, you won’t have to uninstall something else, because nothing is yet installed.

As for which? It really depends on what you want. I’ve been using Linux and other unix variants for a long time. So I am used to looking at logfiles. So having logfiles is the best choice for me. For somebody coming to linux with no prior familiarity, allowing systemd-journal to manage the log records might well be the best approach.