> > pyinotify uses the Linux kernel's inotify system calls. polling > > actually causes fail2ban to sleep and check the file's mtime > > periodically, iirc. > > It's a matter of efficiency, mostly CPU usage. polling is the most > primitive and requires the process to wake up frequently to check > weather the log file has changed. So the process runs even if the log > file has not changed. The only reason to use polling is if you are > using an older OS that doesn't support the others. Gamin is somewhat > better, I don't personally know the exact details, but pyinotify is the > most efficient, cause your telling the kernel to wake up the process > automatically when the file changes, so it doesn't have to run until > something get's written to the log file.
THIS is the kind of answer I was looking for! THANK YOU! However, I think you missed that Gamin uses inotify so not differeent than pyinotify excetp in implementation. > 7, but my understanding is that rsyslogd can be run in such a way as to > also output to log files, in which case you could use either the > systemd/journald directly or the log file. I would probably choose the > systemd method because fail2ban is likely to pick things up more quickly > then if there is yet another daemon (rsyslogd) in the middle. Yes your understanding seems correct - as reference in my last post, I noticed centos has journald (systemd) logs AND plain log files. Besides having another daemon (rsyslog) in middle, do you know the scheme used for the systemd backend? Does it also poll or use some type of notify method? ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
