What's wrong with my logback syslog appender?
I'm trying to get a logback syslog appender working, and I've definitely got something misconfigured. I've created a small sample project which I think should log to syslog, yet it doesn't.
I'm sure I'm missing something stupid. Here's the appender from logback.xml:
<appender name="SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender">
<syslogHost>localhost</syslogHost>
<facility>USER</facility>
<suffixPattern>[%thread] %logger %msg</suffixPattern>
</appender>
I've tried adding the port (514) explicitly, and, no joy. on both systems I've tried this on, I've verified syslog is receiving input using logger "test message" and then tailing either /var/log/messages or /var/log/system.log.
What do I need to change in order to get logback/slf4j logging to syslog?
Answer
Nothing is wrong with your code, the problem is the system config. Using your provided test project, I was able to make the syslog appender work (Ubuntu 14.10).
Here are some steps:
- edit
/etc/syslog.confand ensure you have network syslog enabled:
# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# provides TCP syslog reception
# note that logback seems to use UDP, so this isn't strictly necessary.
$ModLoad imtcp
$InputTCPServerRun 514
- restart rsyslog (
service rsyslog restart) if you change the config (reload doesn't work) - check that syslog is listening with
lsof -i | grep syslog
results:
