[olug] syslog help

Mike Hostetler thehaas at binary.net
Fri Nov 1 16:40:54 UTC 2002 

I have an app on a Linux box that can send messages to the system logger
via log4j (for you Java people). I think that this would be a cool thing
to do, since the standard log files for this app are spread all over the
place.  The Linux box in question has syslog-ng installed.

The only way log4j will use the system log is via a network connection, not
sockets.  The configuration for log4j is sketchy, and I google'ed and
found no examples.  But this is what I set up in the .properties file
after much trial and error:
		  log4j.rootCategory=WARN, LogSysOut, LogFile1, LogFile2
	[snip]
		  log4j.appender.LogFile2=org.apache.log4j.net.SyslogAppender
		  log4j.appender.LogFile2.facility=user
		  log4j.appender.LogFile2.SyslogHost=localhost
		  log4j.appender.LogFile2.FacilityPrinting=on

The app starts up with no errors, so I think it's correct.

I uncommented this line in /etc/syslog-ng/syslog-ng.conf:
		  source net { udp( port(514)); }; 

Which is suppose to mean "listen on port 514 via udp".  UDP on 514 is
supposed to be the standard syslog port (according to the syslog-ng doc
and /etc/services).

So I stop and start syslog-ng, than start up my app.  But I see no
messages in any of the log files.  When I do a 'netstat -na', I don't see
anything listening on port 514:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address     State
tcp        0      0 0.0.0.0:1026            0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:1095            0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:5432            0.0.0.0:*            LISTEN
tcp        0      0 172.21.28.208:22        172.21.29.54:1436  ESTABLISHED
tcp        0      0 172.21.28.208:22        172.21.29.54:1461 ESTABLISHED
tcp        0    316 172.21.28.208:22        172.21.29.54:2117 ESTABLISHED
tcp        0      0 172.21.28.208:22        172.21.29.54:1430 ESTABLISHED
udp        0      0 127.0.0.1:1024          127.0.0.1:1024 ESTABLISHED

So -- what I am doing wrong??  I don't have to use syslog-ng, so if there
are wizards out that that recommend something different, I'm all for it.

-- mikeh

--

More information about the OLUG mailing list