Log4j and syslogappender

2020-04-05 08:40发布

问题:

I have a java application using log4j SyslogAppender (facility=USER) and I can see using tcpdump on port 514 that my application is sending intended log message as a datagram and also netstat shows me that syslogd (red hat) is running and listening on 0.0.0.0:514 but I do not see any logging happening in /var/log/messages.

In my syslog.conf, I have

*.info         /var/log/messages

My conversion pattern for SyslogAppender is

%d{MMM dd HH:mm:ss} %F %L %5p [%t] %m %n"

I am clueless as why it is failing to log or where exactly should I look for to see what is failing. And I don't have enough permissions on the machine to start/stop syslogd or run manually to have verbose debug logs enabled.

Any pointers as how I proceed?

Edit:

The Appender below

private void initSyslog() { 
    SyslogAppender syslogAppender = new SyslogAppender();   
    syslogAppender.setName("syslog");
    syslogAppender.setLayout(new PatternLayout("%d{MMM dd HH:mm:ss} %F %L %5p [%t] %m %n")); 
    syslogAppender.setFacility("USER"); 
    syslogAppender.setFacilityPrinting(true);
    syslogAppender.setSyslogHost("localhost");
    syslogAppender.activateOptions(); 
    Logger.getRootLogger().addAppender(syslogAppender);
    Logger.getRootLogger.info("Syslogdone");
} 

回答1:

Remote logging was not enabled in syslog. Weird, because it still opens and listens on 514. Once I started with syslog -r, everything started logging.



回答2:

Maybe this will help: http://wiki.loggly.com/log4j

It's just an example set up with using SyslogAppender. Just ignore the part about forwarding it to Loggly.