Data acquisition

Each probe uses a different method to acquire data. Which method the probe uses depends on the target system from which it receives data.

The probe acquires event data from syslogd, the UNIX system message logger, by reading from a log file or a named pipe (FIFO) into which syslogd has been configured to write its messages.

Note: FIFO (First In First Out) is also known as a named pipe. A FIFO allows a program to write to a file and another process to read what has been written without the file expanding.

Data acquisition is described in the following topics: