发表新帖
发表新帖

Writing log data to syslog using log4j

前端 未结
关注
2 625
Happy的楠姐
Happy的楠姐 2021-01-02 03:18

I\'m unable to write log messages into syslog. Any help would be great. Here is my simple log4j program

import org.apache.log4j.Logger;
import java.io.*;
im
相关标签:
2条回答
  • 长情又很酷
    2021-01-02 04:09

    The answer from @Sandeep above is the correct one, but it's from 2012 so I wanted to expand a little bit for folks who are using more recent setups. For instance, on Ubuntu 18.04 the /etc/rsyslog.conf file now has data near the top of the file that looks like this:

    #################
#### MODULES ####
#################

module(load="imuxsock") # provides support for local system logging
#module(load="immark")  # provides --MARK-- message capability

# provides UDP syslog reception
#module(load="imudp")
#input(type="imudp" port="514")

# provides TCP syslog reception
#module(load="imtcp")
#input(type="imtcp" port="514")

    Uncommenting the two UDP lines and then running sudo service rsyslog restart worked for me. The Java Log4J Syslog appender (https://logging.apache.org/log4j/1.2/apidocs/org/apache/log4j/net/SyslogAppender.html) expects syslog to be listening on UDP port 514 on localhost.

    As a potential further security improvement, you may also consider binding to the loopback address so port 514 isn't visible external to the host if you don't need it to be:

    input(type="imudp" port="514" address="127.0.0.1")

    It's also possible to make this update without having to touch the existing /etc/rsyslog.conf file; instead you can add a new conf file under the /etc/rsyslog.d/ directory, e.g. /etc/rsyslog.d/10-open-upd-port.conf, that only contains these lines:

    module(load="imudp")
input(type="imudp" port="514" address="127.0.0.1")

    And then restart the rsyslog daemon as described above.

    To see whether or not the rsyslog daemon is actively listening on the UDP port 514, I found this command useful as well: sudo lsof -iUDP:514 -nP -c rsyslogd -a (show listeners on port UDP 514 whose command is "rsyslogd").

    0 讨论(0)
  • 忘了有多久
    2021-01-02 04:14

    Add the following lines to rsyslog.conf file 

    $ModLoad imudp
$UDPServerRun 514

    It worked for me.

    Need to restart the rsyslog after modfications.

    0 讨论(0)
 看不清?
提交回复
热议问题