sdjournal: Correctly seek to current tail

SUSE / linux-security-sensor

Linux security sensor

Other

18 stars 9 forks source link

sdjournal: Correctly seek to current tail #75

Open xTeixeira opened 9 months ago

xTeixeira commented 9 months ago

SeekTail() seeks to one position after the current tail. We need to call Previous() after SeekTail() to seek to the last journal entry. Fixes a regression with systemd v254.

See https://github.com/systemd/systemd/pull/26577

djoreilly commented 8 months ago

This will need to be rebased for 070. The file has been moved to vql/linux/sdjournal/watcher.go.

xTeixeira commented 8 months ago

This will need to be rebased for 070. The file has been moved to vql/linux/sdjournal/watcher.go.

Created #79 for 0.7.0

djoreilly commented 6 months ago

We can probably close this one.