[olug] syslog help

Trent Melcher tmelcher at trilogytel.com
Fri Nov 1 17:41:09 UTC 2002


Maybe this will help some.

Found it at: http://jakarta.apache.org/log4j/docs/TROUBLESHOOT.html#syslogd



I cannot log to syslogd under linux.
If you are trying to log to the Unix syslog under Linux using the
SyslogAppender
(http://jakarta.apache.org/log4j/docs/api/org/apache/log4j/net/SyslogAppende
r.html), then the Linux syslog daemon must be configured to accept log input
from the network. Otherwise, you will get an IOException: connection
refused.

This can be done by adding the -r option when starting the daemon. Or more
precisely:

Login as the root user
Edit file /etc/rc/init.d/syslog
case "$1" in
  start)
        echo -n "Starting system logger: "
        daemon syslogd -r
/etc/rc/init.d/syslog restart

-----Original Message-----
From: olug-admin at olug.org [mailto:olug-admin at olug.org]On Behalf Of Mike
Hostetler
Sent: Friday, November 01, 2002 10:41 AM
To: olug at olug.org
Subject: [olug] syslog help



I have an app on a Linux box that can send messages to the system logger
via log4j (for you Java people). I think that this would be a cool thing
to do, since the standard log files for this app are spread all over the
place.  The Linux box in question has syslog-ng installed.

The only way log4j will use the system log is via a network connection, not
sockets.  The configuration for log4j is sketchy, and I google'ed and
found no examples.  But this is what I set up in the .properties file
after much trial and error:
		  log4j.rootCategory=WARN, LogSysOut, LogFile1, LogFile2
	[snip]
		  log4j.appender.LogFile2=org.apache.log4j.net.SyslogAppender
		  log4j.appender.LogFile2.facility=user
		  log4j.appender.LogFile2.SyslogHost=localhost
		  log4j.appender.LogFile2.FacilityPrinting=on

The app starts up with no errors, so I think it's correct.

I uncommented this line in /etc/syslog-ng/syslog-ng.conf:
		  source net { udp( port(514)); };

Which is suppose to mean "listen on port 514 via udp".  UDP on 514 is
supposed to be the standard syslog port (according to the syslog-ng doc
and /etc/services).

So I stop and start syslog-ng, than start up my app.  But I see no
messages in any of the log files.  When I do a 'netstat -na', I don't see
anything listening on port 514:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address     State
tcp        0      0 0.0.0.0:1026            0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:1095            0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*           LISTEN
tcp        0      0 0.0.0.0:5432            0.0.0.0:*            LISTEN
tcp        0      0 172.21.28.208:22        172.21.29.54:1436  ESTABLISHED
tcp        0      0 172.21.28.208:22        172.21.29.54:1461 ESTABLISHED
tcp        0    316 172.21.28.208:22        172.21.29.54:2117 ESTABLISHED
tcp        0      0 172.21.28.208:22        172.21.29.54:1430 ESTABLISHED
udp        0      0 127.0.0.1:1024          127.0.0.1:1024 ESTABLISHED

So -- what I am doing wrong??  I don't have to use syslog-ng, so if there
are wizards out that that recommend something different, I'm all for it.

-- mikeh

--
_______________________________________________
OLUG mailing list
OLUG at olug.org
http://lists.olug.org/mailman/listinfo/olug





More information about the OLUG mailing list