- A large enough deployment to want centralized logging
but are:
- Cheap enough not to buy nginx (for good reason or not)
and
- Too lazy to maintain a patcheset against distro packages
and
- Too bad at linux administration to use the file pipe trick to log to syslog anyway
So, yeah syslog is nice but this change does have quite a narrow use case. What it did have were vocal complainers that knew the right places to complain online to be noticed.
This is kind of a cheap shot at people who just wanted built-in syslog support. There are plenty of reasons someone might not be able to patch or upgrade a binary, and using a fifo is a pretty bad kludge considering the whole thing can hang if they're started/stopped in the wrong order (meaning your startup scripts now have to be rewritten). Building in syslog support means just getting the damn thing working without special hacks and kludges.
But to answer OP's question, syslog is better than just appending to a file because syslog does a lot of things for you, like filtering your logs in real time and splitting them into new files, logging remotely to industry-standard aggregation devices, access control, (somewhat) standardized formatting, log rolling, etc.
- A large enough deployment to want centralized logging
but are:
- Cheap enough not to buy nginx (for good reason or not)
and
- Too lazy to maintain a patcheset against distro packages
and
- Too bad at linux administration to use the file pipe trick to log to syslog anyway
So, yeah syslog is nice but this change does have quite a narrow use case. What it did have were vocal complainers that knew the right places to complain online to be noticed.