Jump to content

Reliable Event Logging Protocol

Edit links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Melonkelon (talk | contribs) at 21:42, 7 May 2013 (WPCleaner v1.27 - Reference before punctuation (Fixed using WP:WCW)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Reliable Event Logging Protocol (RELP) is a networking protocol for Computer data logging in computer networks. It is based on the ideas of the syslog protocol but extends it to provide reliable delivery of event messages. It is most often used in environments where message loss is not acceptable, like in the financial industry.

Overview

RELP uses TCP for message transmission. This provides basic protection against message loss, but does not guarantee delivery under all circumstances. When a connection is aborted, it cannot reliably detected if the last messages sent have actually reached their destination.[1] Contrary to the syslog protocol, RELP works with a backchannel, over which information of messages processed by the receiver is conveyed back to the sender. This enables RELP to always know which messages have been properly received, even in the case of a connection abort.

History

RELP was developed in 2008 as a reliable protocol for rsyslog-to-rsyslog communication. As RELP designer Rainer Gerhards explains, the lack of reliable transmission in industry-standard syslog was a core motivation to create RELP.[2] Originally, RFC 3195 syslog was considered to take up this part in rsyslog, but it suffered from high overhead and missing support for new IETF syslog standards (which are now know by base RFC 5424, but were not named at that time).

While RELP was initially meant solely for rsyslog use, it got wider spread adoption. Currently tools both under Linux and Windows support RELP. There are also in-house deployments for JAVA. While RELP is still not formally standardized, it has evolved into an industry standard for computer logging.

Technical Details

RELP is inspired by RFC 3195 syslog and RFC 3080. During initial connection, sender and receiver negotiate session options, like supported command set or application level window size. Network event messages are transferred as commands, where the receiver acknowledges each command as soon as it has processed it. Sessions my be closed by both sender and receiver, but usually should be terminted by the sender side. In order to facilitate message recovery on session aborts, RELP keeps transaction numbers for each command, and negotiates which messages need to be resent on session reestablishment.

The current version of RELP does not specify native TLS support. However, practical deployments use wrappers around the RELP session in order to provide that functionality.

Implementations

Only publically available implementations are listed. This list is not exhaustive.

  • librelp - the original C RELP library
  • rsyslog
  • MonitorWare (Windows)
  • logstash

References

  1. ^ "Why you can't build a reliable TCP protocol without app-level acks". 2008-05-29. Retrieved 2013-05-06.
  2. ^ "RELP - the reliable event logging protocol". 2008-03-13. Retrieved 2013-05-06.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Reliable_Event_Logging_Protocol&oldid=554027708"