i'm looking best way capture network generated syslog on port 514 tcl variable list (using lappend mysyslist $newsyslogentry), or append file (i.e., open "syslog.txt" a)
i suspect need triggered via event every new (port 514) entry (i.e., fileevent $$ readable...) , if possible allow other programs access syslog port?
i believe network syslog traffic udp based (not 100% sure), i've seed udp + tcp syslog capture apps around.
there few syslog client apps available, need simple port 514 recorder in tcl.
i have ideas suggestions appreciated.
for who's interested, i've created udp version here:
#!/usr/local/bin/tclsh package require udp ; # load required udp package set port 514 ; # default syslog port set logfile "udp_syslog.txt" ; # set log filename log data # capture udp data here proc udp_triggered {} { global dg logfile ; # ensure global variables work in procedure set rcdata [read $dg(udp)] ; # grab udp data within rcdata set udp_log [open $logfile a] ; # open specified logfile append (auto-creates if not exist) puts $udp_log $rcdata ; # place udp data line log file close $udp_log ; # close log file return } set dg(udp) [udp_open $port] ; # setup udp capture port fileevent $dg(udp) readable udp_triggered ; # setup event trigger when udp port becomes readable , execute procedure capture data vwait forever ; # activates (fileevent) trigger wait udp data 