Problem description
I need to log events into the syslog. I use log4j2 and the syslog appender. My appenders block in log4j2.xml looks like this:
<appenders>
  <Console name="Console" target="SYSTEM_OUT">
    <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
  </Console>
  <Syslog name="syslog" host="localhost" port="514" protocol="UDP" charset="ISO-8859-1">
  </Syslog>
  <RollingFile name="AppLog" fileName="/var/log/app.log"
               filePattern="/var/log/$${date:yyyy-MM}/app-%d{MM-dd-yyyy}-%i.log.gz">
    <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
    <Policies>
      <TimeBasedTriggeringPolicy/>
    </Policies>
  </RollingFile>
</appenders>
As you can see I have a Console appender and RollingFile appender with a specific PatternLayout. I want to use the same PatternLayout for the Syslog appender. However, the log messages in the syslog seem to always use a predefined layout. I tried to do the following:
<Syslog name="syslog" host="localhost" port="514" protocol="UDP" charset="ISO-8859-1">
  <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
</Syslog>
But this does not have any effect. The syslog messages still have the same predefined format.
How can I determine the format of my log messages that go into the syslog?
Recommended answer
As mentioned in this log4j2 bug report, the developers of log4j2 coded the SyslogAppender as a SocketAppender hardwired to a SyslogLayout
because it is intended to conform to either the original syslog format or RFC 5424. No other Layout should be permitted.
They unfortunately did not realize that the RFC 5424 specifications do not enforce any particular format for the message contained in the log, which in the Log4j2 implementation is only the %m portion of the log.
To solve this issue, a solution (suggested in the same bug report) is to reproduce the syslog format using a PatternLayout inside a SocketAppender, like so:
<Socket name="SYSLOG" host="localhost" port="514" protocol="UDP">
  <!-- '<', '>' and '"' are written as entities so the attribute value stays valid XML -->
  <PatternLayout
    pattern="&lt;1&gt;%d{MMM dd HH:mm:ss} ${hostName} appName: {
      &quot;host&quot;:&quot;${hostName}&quot;,
      &quot;thread&quot;:&quot;%t&quot;,
      &quot;level&quot;:&quot;%p&quot;,
      &quot;logger&quot;:&quot;%c{1}&quot;,
      &quot;line&quot;:%L,
      &quot;message&quot;:&quot;%enc{%m}&quot;,
      &quot;exception&quot;:&quot;%exception&quot;
      }%n"
  />
</Socket>
This will write well-formatted RFC5424 logs to local 514 port through UDP. Following is a sample log output:
Sep 14 10:40:50 app-hostname app-name: { "host":"host-name-01", "thread":"http-nio-8080-exec-4", "level":"DEBUG", "logger":"ExecuteTimeInterceptor", "line":52, "message":"GET /health 200 served in 3", "exception":"" }
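A receiver-side check for the datagrams this Socket/PatternLayout pattern emits, as an added example that is not part of the original answer: it decodes the hard-coded `<1>` priority and confirms the JSON body parses, which fails when an unencoded `%exception` stack trace lands in the body. `parse_frame` and both sample datagrams are constructed for illustration.

```python
import json
import re

# Wire shape of the Socket/PatternLayout pattern: <PRI>MMM dd HH:mm:ss HOST TAG: {json}
FRAME = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<tag>[^:\s]+): (?P<body>.*)$",
    re.DOTALL,
)
SEVERITIES = ("emerg", "alert", "crit", "err", "warning", "notice", "info", "debug")
EXPECTED_KEYS = {"host", "thread", "level", "logger", "line", "message", "exception"}

# Constructed samples: the page's sample line as it looks on the wire, and the
# same event where an unencoded stack trace (quotes, newline) lands in "exception".
GOOD = (b'<1>Sep 14 10:40:50 app-hostname appName: { "host":"host-name-01", '
        b'"thread":"http-nio-8080-exec-4", "level":"DEBUG", '
        b'"logger":"ExecuteTimeInterceptor", "line":52, '
        b'"message":"GET /health 200 served in 3", "exception":"" }\n')
BROKEN = GOOD.replace(
    b'"exception":""',
    b'"exception":"java.lang.IllegalStateException: no route "x"\n\tat app.Main.run(Main.java:52)"',
)


def parse_frame(datagram: bytes) -> dict:
    """Decode one datagram; problems are reported in 'errors', never raised."""
    text = datagram.decode("utf-8", errors="replace").rstrip("\n")
    m = FRAME.match(text)
    if m is None:
        return {"errors": ["header is not <PRI>TIMESTAMP HOST TAG: BODY"]}
    pri = int(m["pri"])
    out = {"facility": pri >> 3, "severity": SEVERITIES[pri & 7],
           "host": m["host"], "tag": m["tag"], "level": None, "errors": []}
    if pri > 191:
        out["errors"].append("PRI above 191")
    try:
        body = json.loads(m["body"])  # strict: raw control characters are rejected
    except json.JSONDecodeError as exc:
        out["errors"].append(f"body is not valid JSON ({exc.msg})")
        return out
    if not isinstance(body, dict) or EXPECTED_KEYS - body.keys():
        out["errors"].append("body lacks the fields the pattern defines")
        return out
    out["level"] = body["level"]
    return out


if __name__ == "__main__":
    for sample in (GOOD, BROKEN):
        print(parse_frame(sample))
```

Because PRI is fixed at 1 (facility 0, severity alert) for every event, filter on the body's `level` field rather than on syslog severity.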
Other recommended answer
I don't believe you can use a pattern on the basic Syslog appender.
From the docs it states that
"SyslogAppender is a SocketAppender that writes its output to a remote destination specified by a host and port in a format that conforms with either the BSD Syslog format or the RFC 5424" http://logging.apache.org/log4j/2.x/manual/appenders.html#SyslogAppender
However, it does allow you to specify "format = RFC 5424"
If you use RFC 5424
Then you can put a PatternLayout in the loggerFields parameter. See http://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout
Hope that helps!
Other recommended answer
You can add additional elements to an RFC5424 formatted SyslogAppender message using the LoggerFields tag like this:
<LoggerFields>
  <KeyValuePair key="thread" value="%t"/>
  <KeyValuePair key="priority" value="%p"/>
  <KeyValuePair key="category" value="%c"/>
  <KeyValuePair key="exception" value="%ex"/>
</LoggerFields>
I then pull these out using rsyslog's RFC5424 parsing module, mmpstrucdata, to create a JSON tree. The rsyslog.conf template for accessing them looks like:
template(name="jsondump" type="string" string="'%$!rfc5424-sd!mdc@18060!thread%', '%$!rfc5424-sd!mdc@18060!priority%', '%$!rfc5424-sd!mdc@18060!category%', '%$!rfc5424-sd!mdc@18060!exception%'")
I was just trying to do the same and thought I'd share what worked for me. - Sam
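What a structured-data parser has to do with the `mdc@18060` element referenced in the template above, as an added example that is not part of the original answer and is not rsyslog's code: it parses the RFC 5424 STRUCTURED-DATA field and honours the `\"`, `\\` and `\]` escapes, so a stack trace in `exception` is not cut short at the first quote or bracket. The sample line and the function names are constructed for illustration.

```python
import re

# RFC 5424: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID STRUCTURED-DATA [MSG]
HEADER = re.compile(r"^<(\d{1,3})>1 (\S+) (\S+) (\S+) (\S+) (\S+) ")
# SD-PARAM: NAME="VALUE", where '"', '\' and ']' inside VALUE are backslash-escaped
PARAM = re.compile(r' ([^ ="\]]+)="((?:\\.|[^"\\\]])*)"', re.DOTALL)
UNESCAPE = re.compile(r'\\(["\\\]])')

# Constructed sample in RFC 5424 form, using the LoggerFields keys from the answer.
SAMPLE = (r'<131>1 2024-09-14T10:40:50.123Z app-hostname app-name 4242 - '
          r'[mdc@18060 thread="http-nio-8080-exec-4" priority="ERROR" '
          r'category="ExecuteTimeInterceptor" '
          r'exception="java.lang.IllegalStateException: bad \"state\" in cache[3\]"] '
          r'GET /health 500')


def parse_structured_data(text: str, pos: int = 0):
    """Parse STRUCTURED-DATA starting at pos; return (elements, end_position)."""
    if text.startswith("-", pos):  # NILVALUE: the message has no structured data
        return {}, pos + 1
    elements = {}
    while text.startswith("[", pos):
        end_id = pos + 1
        while end_id < len(text) and text[end_id] not in " ]":
            end_id += 1
        sd_id, pos = text[pos + 1:end_id], end_id
        params = elements.setdefault(sd_id, {})
        while (m := PARAM.match(text, pos)):
            params[m[1]] = UNESCAPE.sub(r"\1", m[2])
            pos = m.end()
        if not text.startswith("]", pos):
            raise ValueError(f"malformed SD-ELEMENT near offset {pos}")
        pos += 1
    return elements, pos


def parse_rfc5424(line: str) -> dict:
    """Split one RFC 5424 line into header fields, an SD tree and the message."""
    m = HEADER.match(line)
    if m is None:
        raise ValueError("not an RFC 5424 header")
    sd, end = parse_structured_data(line, m.end())
    # sd["mdc@18060"]["thread"] mirrors the template path $!rfc5424-sd!mdc@18060!thread
    return {"pri": int(m[1]), "host": m[3], "app": m[4], "sd": sd, "msg": line[end + 1:]}


if __name__ == "__main__":
    print(parse_rfc5424(SAMPLE))
```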