Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The use case is people with:

- A large enough deployment to want centralized logging

but are:

- Cheap enough not to buy nginx (for good reason or not)

and

- Too lazy to maintain a patcheset against distro packages

and

- Too bad at linux administration to use the file pipe trick to log to syslog anyway

So, yeah syslog is nice but this change does have quite a narrow use case. What it did have were vocal complainers that knew the right places to complain online to be noticed.



This is kind of a cheap shot at people who just wanted built-in syslog support. There are plenty of reasons someone might not be able to patch or upgrade a binary, and using a fifo is a pretty bad kludge considering the whole thing can hang if they're started/stopped in the wrong order (meaning your startup scripts now have to be rewritten). Building in syslog support means just getting the damn thing working without special hacks and kludges.

But to answer OP's question, syslog is better than just appending to a file because syslog does a lot of things for you, like filtering your logs in real time and splitting them into new files, logging remotely to industry-standard aggregation devices, access control, (somewhat) standardized formatting, log rolling, etc.


My job as a sysadmin is to keep servers running and log their status and errors.

When a large team has many jobs:

-Yes, I want central logging

-I probably did buy nginx (you're telling me this was already available, but closed source? How rude.)

-No, managing distro patches and writing a web server are not my jobs

-No, I'd prefer avoiding hackish file redirects in lieu of real features, but I'll do what I have to.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: