It's easy to get a stream of messages out of Fluentd in raw(ish?) form or to
write a message destination plugin for it. This makes Fluentd an excellent
message forwarder for generic data. On rsyslog side, you can't get
a line-wise stream of JSON messages passed to TCP or UNIX socket or through
a pipe to a command, and writing a plugin for it takes some C code.
I wouldn't build a monitoring or inventory system on rsyslog, but I don't
hesitate to use Fluentd. rsyslog was intended for logs only, and using it in
any other way seems an abuse, even if smart and somewhat fitting.
I haven't used logstash, but I bet it operates in a similar way on its data
sink border.
I wouldn't build a monitoring or inventory system on rsyslog, but I don't hesitate to use Fluentd. rsyslog was intended for logs only, and using it in any other way seems an abuse, even if smart and somewhat fitting.
I haven't used logstash, but I bet it operates in a similar way on its data sink border.