[securedrop-log] Evaluate redis alternatives

Question

[securedrop-log] Evaluate redis alternatives

legoktm opened this issue a year ago · 2 comments

redis is currently used to buffer logs received over qrexec and then a service reads from redis and writes to the appropriate log files. It would be nice if we could use existing log aggregators for this purpose, e.g. systemd-journald or rsyslog.

So the flow would look like:

VM log entry --qrexec--> {something} --> rsyslog/journald --> log files

Where "{something}" pushes the log entry into rsyslog/journald. Maybe something exists off the shelf or we write a small thing for it. It will need to be fast or non-blocking to avoid the log sender waiting over the qrexec channel.

Answer 1 · 2023-11-21T20:09:32.000Z

Ro pointed me to the docs for qrexec socket services, which I think fit exactly what we need here. Instead of using redis to aggregate and queue messages, we could have a simple async service read messages off the socket and write to log files. So then the flow is:

VM log entry --qrexec--> sd-logger --> log files

Answer 2 · 2024-09-30T17:54:32.000Z